Re: End-user laptop firewall available?
On 12/08/2013 04:13 AM, Jérémie Marguerie wrote:
> On Sat, Dec 7, 2013 at 4:03 PM, Anatoli Lichii <anatoli@lanixx.com> wrote:
>> I use ufw/gufw
>
> A simple firewall configuration is to allow what goes out and only
> accept what comes in if it was initiated from your laptop
> ("established"
> connection).
>
If you used only laptop ie no service port open and only tcp/ip return
connection needed. I think at firewall is useless, because you want use
all services and you must accept return connections, but if you like use
only spesific protocols for outgoing services then firewall helps.
These hostfirewalls are good for servers only, but only reason why these
coming popular was Windows-machines which start spread malware from
spesific serviceport. At enterprise environment you sometimes could
shutdown these port via firewall and mitigated problem.
These cloudservices made edge firewalls quite useless at many
environment, because most services were tunneled inside https. Any
customer behind firewall can tunnel anyone via his/her computer to
intranet. This is one reason why these umt/ips firewalls with own
certificate were used at many company today.
If you like use firewall, fine, but it have own incompletenessines.
I like use fwbuilder, since it's easy made complex setups.
Regards, Riku
Reply to: