The Linux operating system is one of the most robust and secure operating systems you can get your hands on. However, this does not mean that it is not prone to security breaches at all.
When it comes to information security, it is important to take a proactive approach to avoid data breaches. This guide shows you how to add an extra layer of security by enabling and configuring the firewall on your Ubuntu Linux system.
Why use a firewall?
In a world of interconnected devices, data security is paramount and starts with you and your device. In addition to other security measures and the use of strong passwords, a firewall can help keep your system secure.
A firewall is a network program used to manage and control incoming and outgoing traffic on a network.
Ubuntu Linux comes with the firewall application UFW, which stands for Uncomplicated Firewall, a simple and efficient application to manage your firewall. UFW allows you to configure your firewall and set restrictive policies to protect your computer on a network.
UFW is based on iptables, a native kernel administration tool for managing and filtering network connections.
Check the status of your firewall
On Ubuntu Linux, the firewall is disabled by default. Before you start configuring your firewall, you need to check whether it is active or inactive.
sudo ufw status
From the output above, it can be seen that the firewall is active and other devices can establish a connection on port 5900. Most of the time, VNC servers use port 5900 to allow remote desktop connections.
If the status output says inactive, then you need to enable the firewall on your computer.
Activate the firewall with UFW
Simply run the following command to enable your firewall.
sudo ufw enable
Your firewall is now activated and will start automatically when the system starts. If you run the sudo ufw status command again, you will see that your firewall is now active.
Tip: If you make changes using the ufw command, you will need to reload your firewall to register these changes.
sudo ufw reload
Enable firewall logging with UFW
System logging is a security mechanism that is responsible for registering and recording certain events on your computer. Your Linux operating system is constantly logging important events and the Ubuntu firewall is no exception.
Firewall logging is disabled by default on Ubuntu Linux. To enable firewall logging:
sudo ufw logging on
On Ubuntu, the /var/log/ufw.log file stores the firewall logs.
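The following added example (not part of the original article) counts blocked packets per source address and destination port from entries in the /var/log/ufw.log format. The sample log lines are constructed, and the function names sample_ufw_log and summarise_blocks are illustrative.

```shell
#!/bin/sh
# Added example: count [UFW BLOCK] entries per source address and destination port.
# The log lines below are constructed samples using documentation address ranges.
sample_ufw_log() {
cat <<'EOF'
Mar  3 10:15:01 host kernel: [  101.000001] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01 SRC=203.0.113.7 DST=192.168.10.5 LEN=60 TTL=52 ID=1 DF PROTO=TCP SPT=40000 DPT=22 WINDOW=29200 SYN URGP=0
Mar  3 10:15:02 host kernel: [  102.000001] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01 SRC=203.0.113.7 DST=192.168.10.5 LEN=60 TTL=52 ID=2 DF PROTO=TCP SPT=40001 DPT=22 WINDOW=29200 SYN URGP=0
Mar  3 10:15:03 host kernel: [  103.000001] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01 SRC=198.51.100.23 DST=192.168.10.5 LEN=60 TTL=49 ID=3 DF PROTO=TCP SPT=51000 DPT=5900 WINDOW=1024 SYN URGP=0
Mar  3 10:15:04 host kernel: [  104.000001] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01 SRC=203.0.113.7 DST=192.168.10.5 LEN=60 TTL=52 ID=4 DF PROTO=TCP SPT=40002 DPT=22 WINDOW=29200 SYN URGP=0
Mar  3 10:15:05 host kernel: [  105.000001] [UFW ALLOW] IN=eth0 OUT= MAC=00:00:5e:00:53:01 SRC=192.168.10.197 DST=192.168.10.5 LEN=60 TTL=64 ID=5 DF PROTO=TCP SPT=52000 DPT=80 WINDOW=64240 SYN URGP=0
Mar  3 10:15:06 host kernel: [  106.000001] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01 SRC=198.51.100.23 DST=192.168.10.5 LEN=60 TTL=49 ID=6 DF PROTO=TCP SPT=51001 DPT=5900 WINDOW=1024 SYN URGP=0
Mar  3 10:15:07 host kernel: [  107.000001] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01 SRC=203.0.113.7 DST=192.168.10.5 LEN=84 TTL=52 ID=7 PROTO=ICMP TYPE=8 CODE=0 ID=4242 SEQ=1
Mar  3 10:15:09 host kernel: [  109.000001] eth0: link up
EOF
}

# Reads UFW log lines from stdin or from the files given as arguments and
# prints "count source protocol/port", highest count first.
summarise_blocks() {
    awk '
    /\[UFW BLOCK\]/ {
        src = ""; proto = "?"; dpt = "-"      # ICMP entries carry no DPT field
        for (i = 1; i <= NF; i++) {
            # Stop at a bracketed inner packet (ICMP error payload) once the
            # outer header has been read, so its fields are not mixed in.
            if (substr($i, 1, 1) == "[" && src != "") break
            n = index($i, "=")
            if (n == 0) continue
            key = substr($i, 1, n - 1); val = substr($i, n + 1)
            if (key == "SRC") src = val
            else if (key == "PROTO") proto = val
            else if (key == "DPT") dpt = val
        }
        if (src != "") count[src " " proto "/" dpt]++
    }
    END { for (k in count) print count[k], k }
    ' "$@" | LC_ALL=C sort -k1,1nr -k2
}

# Stand-alone run on the constructed sample. On a real system, pass the log
# file instead: summarise_blocks /var/log/ufw.log (reading it may need sudo).
sample_ufw_log | summarise_blocks
```

A source that appears repeatedly against a port you never opened, such as 22 or 5900 in the sample, is a candidate for closer review.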
Define and delete rules
If you want to explicitly open certain ports on your computer to the outside world, you can do so with the allow option followed by the port number. For example, to explicitly allow HTTP connections from other computers, you need to enable port 80.
sudo ufw allow 80
You can also use the port's service name instead of the port number. To allow the HTTP service:
sudo ufw allow http
If you check the status of the firewall you will find that port 80 (HTTP) is now enabled on the firewall.
sudo ufw status
As you can see, port 80 is now defined to allow connections from other computers.
To remove the firewall rule that allows connections on port 80:
sudo ufw delete allow 80
Temporarily close a port
To temporarily close a port without clearing its rule, you can use the ufw deny command. For example, to close port 80:
sudo ufw deny 80
Profiling applications with UFW
Certain applications on your system use certain port numbers to function properly. For security reasons, these applications have a UFW profile. Use the following command to list applications with a UFW profile.
sudo ufw app list
For applications with a UFW profile, a file is saved in the /etc/ufw/applications.d directory. If you look at any of the files in this directory, you can see which port the application is using and the description of the application.
Allow connections from specific IP addresses
Sometimes you may want to trust certain IP addresses to connect to your PC. For example, to only allow connections from the IP address 192.168.10.197, you can use the following command:
sudo ufw allow from 192.168.10.197
To remove or delete the IP address from the list of allowed addresses:
sudo ufw delete allow from 192.168.10.197
Testing firewall rules
In some cases, you may want to test firewall rules before applying them to assess the impact they will have. For example, to test the opening of the SSH port without applying the changes, you can do the following:
sudo ufw --dry-run allow ssh
Firewall protection alone is not enough
The Ubuntu firewall allows you to configure and protect your computer on a network. However, system security has many facets, and the firewall alone is not enough to protect your system. Therefore, you should always take good security measures, such as using strong passwords for your accounts.
About the author
Mwiza is a professional developer of software and writes extensively on Linux and front-end programming. Some of his interests include history, economics, politics, and enterprise architecture.
By Mwiza Kumwenda