
The first layer of defence and device isolation on all my Linux boxes is a firewall denying all incoming connections, simply by...

sudo ufw default deny incoming

...However, I sometimes, for different reasons (testing, first update, backup laptop, etc.), use older machines without current updates. Outdated by a few months, sometimes even a little bit more. Is the absence of updates a problem in the case of a Linux firewall? How frequent and how important are bugs in the network interface or the firewall as such?

(I did a little research, but without useful results: a few generic articles saying "firewalls have vulnerabilities, beware" and a few really old CVEs. But maybe I am missing something because I am not sure about the keywords.)

1 Answer


ufw is a frontend for iptables. Like any software, ufw and iptables may have faults in them which make them vulnerable in some way or another. However, if you look at the list of known software vulnerabilities for iptables, you will notice that most are related to problems during configuration. That means some process or someone might be able to use iptables to cause even more harm, but they need to have access to the system already. Vulnerabilities which allow remote attackers to do serious harm are rare and/or limited to very specific set-ups.

Since this is not security.SE, I will also add my opinion: filtering incoming connections does not significantly increase security. As soon as you have an unsolicited process running on your system, the system is already compromised. You should focus on keeping the applications secure and updated as needed.
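Added example, not part of the question or the answer above: since ufw only writes iptables rules, the cheap sanity check on one of those rarely-updated machines is to look at what the kernel is actually enforcing rather than at what ufw reports. The script below audits a ruleset in `iptables-save` format for the two properties "default deny incoming" is meant to give you: the filter table's INPUT chain has policy DROP, and no INPUT rule accepts unsolicited inbound traffic (anything beyond loopback and RELATED,ESTABLISHED replies). The two rulesets embedded in it are constructed samples, not captures from a real host; the function names are this example's own.

```sh
#!/bin/sh
# Constructed sample rulesets in `iptables-save` format (not from a real machine).
# RULESET_STRICT is what a host with only loopback and reply traffic allowed
# looks like; RULESET_OPEN has an ACCEPT policy and exposes SSH.
RULESET_STRICT='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT'

RULESET_OPEN='*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT'

# Print the default policy (ACCEPT/DROP) of the filter table's INPUT chain.
# Reads the ruleset on stdin; the ":CHAIN POLICY [pkts:bytes]" line carries it.
input_policy() {
    awk '/^\*/ { table = $1 }
         table == "*filter" && $1 == ":INPUT" { print $2; exit }'
}

# Print, one per line, the rules in CHAIN (default INPUT) that ACCEPT new
# inbound traffic: every -j ACCEPT that is neither the loopback rule nor the
# conntrack RELATED,ESTABLISHED rule. These are the services the firewall exposes.
exposed_accepts() {
    awk -v chain="${1:-INPUT}" '/^\*/ { table = $1 }
         table == "*filter" && $1 == "-A" && $2 == chain && /-j ACCEPT/ &&
         !/-i lo / && !/--ctstate RELATED,ESTABLISHED/ { print }'
}

# Succeed (exit 0) only when the ruleset is a genuine deny-all-incoming policy:
# INPUT policy DROP and no rule accepting unsolicited inbound traffic.
is_deny_all_incoming() {
    ruleset=$(cat)
    policy=$(printf '%s\n' "$ruleset" | input_policy)
    exposed=$(printf '%s\n' "$ruleset" | exposed_accepts)
    [ "$policy" = "DROP" ] && [ -z "$exposed" ]
}

# Stand-alone demonstration on the constructed samples.
if printf '%s\n' "$RULESET_STRICT" | is_deny_all_incoming; then
    echo "strict sample: default deny incoming holds"
fi
if ! printf '%s\n' "$RULESET_OPEN" | is_deny_all_incoming; then
    echo "open sample: INPUT policy is $(printf '%s\n' "$RULESET_OPEN" | input_policy), exposed rules:"
    printf '%s\n' "$RULESET_OPEN" | exposed_accepts
fi
```

On a live machine, `sudo iptables-save | is_deny_all_incoming` (or `ip6tables-save` for IPv6, which ufw also manages) runs the same check against the rules the kernel is enforcing. Note that ufw does not put user rules directly in INPUT; it sets the INPUT policy to DROP and jumps to its own chains, so on a ufw host audit those too, e.g. `sudo iptables-save | exposed_accepts ufw-user-input`. If a service shows up there, the ufw frontend's version matters much less than whether that service is patched, which is the point the answer makes.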
