Hello fellow Linux enthusiasts!
As many of you know, Linux can be a powerful and flexible operating system, but it can also be daunting for new users, especially when it comes to securing their systems. With the abundance of information available online, it's easy to get overwhelmed and confused about the best practices for firewall configuration and basic security.
That's why I reaching out to the Linux community for help. I am looking users who are willing to share their expertise and write a comprehensive guide to Linux firewall and security.
The goal of this guide is to provide a centralized resource that covers the following topics:
Introduction to Linux firewalls (e.g., firewalld, ufw, etc.)
Understanding basic security principles (e.g., ports, protocols, network traffic)
Configuring firewalls for various scenarios (e.g., home networks, servers, VPNs)
Best practices for securing Linux systems (e.g., password management, package updates, file permissions)
Troubleshooting common issues and errors
Advanced topics (e.g., network segmentation, SELinux, AppArmor)
I am looking for a well-structured and easy-to-follow guide that will help new users understand the fundamentals of Linux firewall and security, while also providing advanced users with a comprehensive resource for reference.
If you're interested in contributing to this project, please reply to this post with your experience and expertise in Linux firewall and security. We'll be happy to discuss the details and work together to create a high-quality guide that benefits the Linux community.
Thank you for your time and consideration, and im looking forward to hearing from you!
Yeah I don't even understand the point. The vast majority of people don't even need a client side firewall. The only time you need to worry about a client side of firewall is if you're on a laptop that you actually take out of your house ever or on a university or otherwise shared network. At home it's completely meaningless and a waste of CPU Cycles.
There are significantly better ways to address security, like how to enable a sandbox like firejail or bubblewrap or enable things like apparmor, firewall is probably one of the most inconsequential parts of security these days because it's all handled by the local router
Home networks are full of trash like iot devices, like smart speakers, tvs, plugs, etc. Average people should have firewalls. It’s free.
If you genuinely wish to isolate those devices the correct way to do it is not with client firewalls but with a Smart Switch and vlans
You may want them to communicate with each other to control them. Also setting up a vlan is quite complex for most users even if it has clear upsides.
Man, I should do this one of these days.
if you have set up your whole home like being bugged you'll not gain much from a firewall in the most secure of devices among them.
Sure you will, the literal point of a firewall is to isolate trusted and untrusted devices.
my point was that at this point, you have more serious problems than first securing the device which by default is the most secure one among them. I mean it needs much more expertise and targeted attack for someone to break into your local network, and then manage to break into your linux machine, which by default is quite secure regardless, compared to the effort that is required to find unsecured IOT devices and get the data they happily share open in the wild.
If your home network is bugged with microphones and cameras without any proper security measures, adding a firewall in a linux laptop shouldn't be your priority. In contrary it is "dangerous" as a non tech savvy person may think that they are more "secure" now, while in fact they have added zero protection to all the sensitive data that they give in the surveillance devices they willingly put in their home.
This is all true… but a firewall takes no effort. It is the default on many OSes. Why not.
this whole thread is literally asking for people to put effort to collectivelly write a huge ass complete guide about linux firewalls targeting new users. So what I understand is that both the authors and the readers will have to put effort in either explaining or understanding and learning. We are not talking about a
sudo apt install gufw
and call it a day.You can write a guide about anything. It really is simple in the common case.
Yeah, because how many people take their laptops out of their home, amiright?
I did consumer electronics recycling and repair for 5 years, and then did like another 5 years of just generic home call repair. You would be shocked how many people basically use their laptop as nothing more than a weird underpowered desktop and it literally just never leaves that spot