Cyber security enthusiast/ pen tester who loves Linux and teaching how to keep people safe online. Also a Linux advocate and open source GNU/Linux supporter.
Knows python, rust, C++ C# and java (unfortunately)
- 0 Posts
- 19 Comments
I know all this already. But I also use arch and have been for the last 6+ years and I use ufw lol
The main one everybody uses at least from my knowledge and from what I’ve used over the last 13 years is UFW. That is what you want to use.
A firewall is very important not just for being on public Wi-Fi connections. A firewall is your extra layer of protection
I don’t know what Distro you run. But it’s almost the same for each one
https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-with-ufw-on-ubuntu-20-04
UFW is installed by default on Ubuntu. If it has been uninstalled for some reason, you can install it with sudo apt install ufw.
Using IPv6
sudo nano /etc/default/ufw
That command should come back with this
IPV6=yes
Save and close the file. Now, when UFW is enabled, it will be configured to write both IPv4 and IPv6 firewall rules. However, before enabling UFW, we will want to ensure that your firewall is configured to allow you to connect via SSH. Let’s start with setting the default policies.
Setting up default policies
sudo ufw default deny incoming sudo ufw default allow outgoing
These commands set the defaults to deny incoming and allow outgoing connections. These firewall defaults alone might suffice for a personal computer, but servers typically need to respond to incoming requests from outside users. We’ll look into that next.
To configure your server to allow incoming SSH connections, you can use this command:
sudo ufw allow ssh
This will create firewall rules that will allow all connections on port 22, which is the port that the SSH daemon listens on by default. UFW knows what port allow ssh means because it’s listed as a service in the /etc/services file.
However, we can actually write the equivalent rule by specifying the port instead of the service name. For example, this command works the same as the one above:
sudo ufw allow 22
If you configured your SSH daemon to use a different port, you will have to specify the appropriate port. For example, if your SSH server is listening on port 2222, you can use this command to allow connections on that port:
sudo ufw allow 2222
To enable UFW, use this command:
sudo ufw enable
There are way more viruses written for windows than there is for Linux
-
Linux users find viruses and they report them and then everyone works on a fix for it and it gets patched as soon as possible. This is why open sourced code is good.
-
Windows takes forever to fix or patch viruses most of the time they probably dont even care.
Everything virus related or even bug related gets patched almost immediately under Linux
Also… Everything you install on Linux is pre compiled and ore configured inside a package manager and these packages get checked constantly for bugs and viruses. Theres almost no need to install anything on Linux from websites that could be compromised
Out of the 13 years I have been using Linux I haven’t Once caught a virus but I also study malware and write malware so I also understand it more on a deep level.
But honestly it’s very hard to catch a virus on Linux
-
What don’t you completely understand about Linux firewall? I don’t mind helping you learn
ClamAV is really only used to check for cross virus contamination. It’s a tool that checks for windows malware inside of Linux.
Linux doesn’t need any malware software. The way Linux runs and works is already way more secure in itself, almost everything you’ll ever download is pre compiled intro software repositories that are checked constantly.
The only way you’ll catch a virus on Linux is being dumb and clicking ads or downloading something from untrusted sources like websites that could be fake but look real.
Oh yeah that’s right. I totally forgot ooensuse does that 😆 been a long time since I’ve used it.
I’m on Arch myself. Been a Linux user for 15 years I love it
Thanks for reminding me
Tumbleweed is rolling release so just make sure you snapshot your system once before an update and once after just Incase something goes wrong
Ghost@lemmy.mlto Announcements@lemmy.ml•Upcoming AMA with Lemmy's creators: Monday, 7 Aug, 1500 CESTEnglish4·2 years agoHey, I figured it all out after messing around for a little bit. Thank you so much! You all are awesome!
Ghost@lemmy.mlto Linux@lemmy.ml•Steam On Linux Usage Spikes To Nearly 2% In July, Larger Marketshare Than Apple macOS2·2 years agoPop OS is based off of Ubuntu so I mean makes sense.
Ghost@lemmy.mlto Linux@lemmy.ml•Steam On Linux Usage Spikes To Nearly 2% In July, Larger Marketshare Than Apple macOS1·2 years agoI also noticed that. It takes all the pressure off me though because I’m an arch user and have been for 10 years 😂
https://github.com/arindas/manjarno
https://www.hadet.dev/Manjaro-Bad/
Manjaro also has a “rolling release” model that isn’t actually fully rolling release. They hold back packages for a few weeks which in return has almost always destroyed the AUR for not only manjaro users but Arch users.
They lie about it being fully rolling. Not just that they have forgotten to sign their signature keys multiple times before releasing big updates.
Sure it’s an easier Arch for “beginners” but I’d say it’s easier to just install arch on a VM if you really want to learn and use arch that bad a VM is the best way.
Pure Arch is better than Manjaro. Hell I hate Ubuntu but I’d rather use that over Manjaro
Okay just wanted to make sure. Are you still having the issue?
Ghost@lemmy.mlto Announcements@lemmy.ml•Upcoming AMA with Lemmy's creators: Monday, 7 Aug, 1500 CESTEnglish201·2 years agoYeah agreed, with enough administrators it could be kept to a minimum especially if users help with reporting comments, posts and so on. But it will still be very hard to completely keep Lemmy clean of trolls and all the nasty stuff we would rather stay away from that reddit has become.
I believe it’s the users job to help keep the app safe as well. Administrators can’t catch everything which is why it’s really good to have a report button. I know earlier today I reported something very serious (like incriminating) on reddit and I reported it and I somehow got banned for report spamming but then the person got a temporary ban for illegal activities… it’s just so sad what that place has become
I’m a free speech activist and open sourced enthusiast. I also work in cyber security and to be banned for reporting illegal activity and then have them walk away with a temp ban is pretty disheartening tbh
I think from what I’ve seen being on here for a couple hours
-
I love it a lot more we just need to get more active people
-
The idea behind this site is amazing and I like what it stands for.
-
You guys (as devs) seem to be working very hard on this and you all seem to really care about free speech and having a friendly and active community
I will be supporting this site from now on and can’t wait to create my own communities and see how it turns out in the future <3
-
Ghost@lemmy.mlto Announcements@lemmy.ml•Upcoming AMA with Lemmy's creators: Monday, 7 Aug, 1500 CESTEnglish17·2 years agoI’m new to here and really enjoying it so far. I came here because I’m tired of what reddit has became it’s a very dangerous place over there and they should be investigated.
I was curious. I’ve been a Linux admin for a while and I loved some of the communities on reddit. I’m really good with admin work and watching over communities and servers and wanted to know when I’d be able to create my own community?
I’d love to see a piercing community here where people can talk piercings and ask for advice.
Thank you for making this place awesome so far! I’m also working on my own application
I believe in free speech and open sourced software and I believe in internet security and privacy and always try to inform people on how to stay safe online.
Currently working on my own app similar to this called Freddit meaning ( F*** reddit) 😆
Is the Bluetooth showing up at all? I remember a work around I found was to shut the computer down completely unplug it from the power supply and then hold down your power button for 30 seconds to hard reset the computer than start the system up and you should have Bluetooth
You should give Gentoo a try. I’m a 12 year arch user. Gentoo is really solid and fun though. Or hell if you wanna go that advanced try LFS :)
Oh this looks very clean! Great work and love arch