Hi. I wanted to know if it’s needed to install a firewall on a linux desktop/laptop. Why yes or why no?

  • smileyhead
    link
    fedilink
    arrow-up
    9
    arrow-down
    1
    ·
    1 year ago

    Yes, because you can forget what services are running and maybe they can be explited.

    An example can be Syncthing which setting are done via web browser at port 8384. If you do not have a firewall, everyone on the same network would be able to change Syncthing settings and then sync your directories to their devices.

    • Bitrot@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      8
      ·
      1 year ago

      Is syncthing listening on all addresses, or only loopback? A firewall would block it, sure, but that would also be bad design.

    • ReversalHatchery@beehaw.org
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      Good point, but syncthing only listens on localhost as others have said too.
      However it still is a network service that can have vulnerabilities, besides many others like KDE Connect (which may be a target as one of its purposes is remote control and monitoring) or a bittorrent client