Question
I was considering setting up a software firewall (pf) on my web server and did some research on them. Were I to do it, it'd involve basically blocking connections to all ports except 80, 443, and the non-standard port I'm using for SSH connections.
But seeing as how my server already only has services running on those ports anyway, would it just be pointless? I don't really have a need right now to region-block IPs or anything complex like that.
In simple words that someone with a not-so-complete understanding of IP networking can understand, would it still be useful for me to configure a firewall in this way? How, functionally, is it different from just continuing to not run services on the ports I would block?
Explanation / Answer
In an ideal world, an open port without any services running behind it is the same as a port that is not open. In the real world, humans make mistakes. The less control you have over a system, the more likely any attack on your system would be amplified by a mistake.
A firewall serves to mitigate your mistake by adding an additional layer of control to your computer system. It does so by accepting, rejecting or dropping connections based on your configuration. As a side effect, it helps to reduce your attackers' ability to fingerprint your operating system (OS) to launch more targeted attacks.
If you are not familiar with your OS, there is a likelihood that you would accidentally re-enable disabled services or start new services that are installed via a system upgrade. Unless you consistently do a check using a program such as netstat, these services would be quietly listening for incoming connections without your knowledge. Some of these may, over the course of time, become vulnerable to attacks and provide a gap for an attacker to breach your system.
By running a firewall and blocking ports without active services, you are essentially hardening your system by providing redundancy in the event that a security control fails or a vulnerability is exploited during the system's life cycle. This approach is known as defense in depth.
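As an added illustration (not part of the original question or answer), here is a minimal pf ruleset for the setup the question describes: default deny, with only 80, 443 and the non-standard SSH port reachable from outside. It assumes FreeBSD/OpenBSD-style pf syntax, an external interface named em0 and SSH on port 2222; both of those values are placeholders.

```pf
# Added example, not from the original page. Placeholders: em0 is assumed to
# be the public interface and 2222 the non-standard SSH port.
ext_if = "em0"
ssh_port = "2222"
web_ports = "{ 80, 443 }"

# Drop blocked packets silently rather than answering with RST/ICMP, so a
# scan cannot tell "filtered" from "closed" and learns less about the host.
set block-policy drop

# Do not filter loopback traffic; local services talk to each other freely.
set skip on lo0

# Default deny in both directions. Anything not explicitly passed below,
# including a service accidentally re-enabled after an upgrade, is dropped.
block all

# Drop inbound packets on the public interface that spoof this host's own
# addresses or arrive from unroutable ranges.
antispoof quick for $ext_if

# Inbound: only the web ports and the SSH port, to this interface's own
# address(es). "keep state" admits the reply packets of each accepted
# connection without needing matching outbound rules.
pass in on $ext_if proto tcp from any to ($ext_if) port $web_ports keep state
pass in on $ext_if proto tcp from any to ($ext_if) port $ssh_port keep state

# Outbound: let the host itself initiate connections (DNS, package updates).
pass out on $ext_if proto { tcp, udp, icmp } all keep state
```

Check the file with `pfctl -nf /etc/pf.conf` (parse only) before loading it with `pfctl -f /etc/pf.conf`, and keep a console session open the first time in case the SSH rule is wrong.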