https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

Open Source


Firewall Tools for Ubuntu Security

  • Written by Christopher Tozzi
  • July 19, 2010

“Does Ubuntu have a firewall, and how do I turn it on?” is a popular question among new Ubuntu users.  The answer is a bit complicated, but it’s an understandable inquiry for those migrating from the Windows world. WorksWithU addresses that question below by taking a look at Ubuntu’s firewall and some of the tools available for managing it.

We’ll answer the first question first: Ubuntu, like most Linux distributions, ships with a built-in firewall in the form of iptables, so it does indeed have a firewall.  However, by default, iptables is not “activated,” in the sense that it’s not configured to do anything besides allow all traffic through.

For most Ubuntu users, that’s probably fine.  A normal installation doesn’t have any services running that constitute security risks, and there’s usually little need for a firewall on Ubuntu–especially if you’re behind a router or some other device that abstracts your computer from the public Internet.

On the other hand, if you plan on installing software that will open up additional ports, or if you don’t trust other computers on your network, telling the system to block certain types of traffic can be a good idea.  iptables-based firewalls can also come in handy for things like parental control, since they make it easy to prevent access to certain websites and services.

Firewall Tools

While iptables is very powerful, it’s also pretty complicated to use, unless you enjoy typing complex and obscure commands in the terminal.  Fortunately, a number of tools exist that provide user-friendly frontends for iptables, making it easy to configure firewall rules without reading volumes of man pages.  Here, we’ll take a look at three such tools available for the Ubuntu desktop.

gufw

First on our list is gufw.  gufw is a graphical interface for ufw, or “uncomplicated firewall,” Ubuntu’s native frontend for managing traffic rules.  ufw is a relatively new tool, having made its debut with Ubuntu 8.04 in 2008.  Although earlier versions of the utility lacked advanced features, most Lucid users should find that it more than meets their needs.

gufw screenshot

In my experience, gufw lives up to its promise of providing uncomplicated firewall configuration.  It doesn’t offer as many advanced options as its command-line companion ufw, but it provides a straightforward interface for blocking and allowing access to certain ports from certain hosts.

gufw would be a little more user-friendly if it made it possible to block services by selecting them from a list, rather than entering the port number manually.  Port numbers are easy enough to look up, but for non-geeks who just want to block websites or services like AIM instant messaging, this might not be obvious.

Firestarter

Firestarter, which has been around for a while, is another tool that provides a simple graphical interface for communicating with iptables.  It offers a few more features than gufw, such as a list of active connections:

Firestarter main window

Another cool feature built into Firestarter is Internet connection sharing, which makes it simple to allow other computers to connect to the Internet through your computer, if you have multiple network interfaces.  NetworkManager can now also do this, but Firestarter was the first application I know of to make connection sharing as easy as pressing a few buttons.

Firestarter Internet connection sharing setup

My only major gripe with Firestarter is the bug described in this forum post, which still seems to be present in Lucid.  By default, the “Add Rule” button was grayed out, and the only way to enable it was to right-click in a certain part of the Firestarter window.  Once I figured this out, however, configuring the firewall policy was pretty straightforward.

The wizard that runs when Firestarter is launched for the first time is also not as user-friendly as it could be, since it asks users what the name of their network interface is and whether it’s using dhcp.  This is stuff that the application should probably be able to figure out on its own, and which non-geeks are unlikely to be able to answer.

Firewall Builder

Last but not least–especially in terms of features–is Firewall Builder.  This cross-platform application may not look very pretty on the Gnome desktop, but it does offer a wide array of options.

Firewall Builder main window screenshot

Firewall Builder is available in open-source and commercial versions, and its main selling point is support for a variety of popular firewall backends for various operating systems, including Linux, OS X, Windows and others.  In other words, it can apply a single traffic policy across multiple computers running different packet-filtering software.  This design feature may come in handy for users who want a simple means of deploying a consistent firewall policy within a mixed-OS environment.

That said, Firewall Builder is certainly the most complicated of the utilities on our list, and requires some degree of geekiness to configure.  If you just want to keep your kids (or parents) off Facebook, stick with gufw or Firestarter.  But if you have more complex needs and don’t mind reading a little documentation to learn how to get started, Firewall Builder may be worth a look.  It’s available from Ubuntu’s repositories, or you can grab the very latest builds from the developers’ website.

Tags: Cloud Service Providers Digital Service Providers MSPs VARs/SIs Open Source

Related


  • cloud data
    Your Cloud Data Is Protected, But Is It Portable?
    Why flexibility and containerization are the new must-haves for cloud data.
  • Spinoff Company
    IBM Names CEO of New Managed Services Spinoff
    The former IBM CFO is well-known to those within NewCo.
  • JEDI lightsaber
    AWS Still Chasing JEDI, Blasts Trump Administration Again
    AWS still wants to get JEDI from Microsoft. And there’s a new alliance in town. Plus, an update from iXsystems.
  • CEO Andy Jassy during keynote at AWS reInvent 2020
    AWS Partners Flooded with New Capabilities, Opportunities at re:Invent
    Channel head Doug Yeum introduced services, competencies and more ways for the channel to team with the cloud provider.

10 comments

  1. Avatar mw88 July 19, 2010 @ 3:46 pm
    Reply

    If you want a firewall which filters traffic by application instead of ports you should check out Anoubis: http://www.anoubis.org/index_1_en.html

    It was covered in the german magazine “LinuxUser”.

  2. Avatar Arup July 19, 2010 @ 11:20 pm
    Reply

    There is kmyfirewall in the repos, an excellent full featured yet easy to implement firewall gui for KDE.

  3. Avatar David July 20, 2010 @ 12:28 am
    Reply

    Very interesting blog post. Thanks.

  4. Avatar Christopher Tozzi July 20, 2010 @ 12:37 am
    Reply

    mw88 and Arup: thanks for the tips. I’m not familiar with either of those applications (as regards the second one, I also have used KDE in a while, so I’m not very up to speed on k-anything these days).

    David: glad you enjoyed the post. Thanks for the comment.

  5. Avatar Arup July 20, 2010 @ 9:48 am
    Reply

    Christopher,

    I just came back to KDE after 1999 with SUSE and PCLOS, after 2001 it was Gnome but KDE finally lured me back with its Pulse free pure sound and I am just amazed at how efficient it is with all the eye candy, memory consumption is at par with my Gnome installation but there is no annoying popping noise due to Pulse as it is with my Ubuntu Lucid, Kubuntu Lucid is just pure music, I am now permanently hooked on KDE. Maybe I overstepping but this is the future of Linux desktop, Gnome will be an alternative.

  6. Avatar Christopher Tozzi July 20, 2010 @ 9:57 pm
    Reply

    Arup: my suspicion is that as long as Ubuntu, Fedora and the other major distributions continue to use Gnome by default, KDE will remain an alternative desktop. But with the advent of Gnome 3 on the horizon, a lot could change in the next year, so we’ll see…

  7. Avatar Arup July 21, 2010 @ 11:32 am
    Reply

    Christopher,

    KDE is now a fully mature and very snappy alternative whereas Gnome 3 is in testing phase, this is the time for Ubuntu to take an initiative, maybe do one test release of KDE main instead of regular Gnome to get a feeler, I for one am sticking to KDE. Make sure you add the Kubuntu ppa to get the latest stable updates to your Kubuntu.

  8. Avatar Jef Spaleta July 21, 2010 @ 3:12 pm
    Reply

    Christopher,

    Its pretty clear that Canonical is on track to diverge their gnome offering away from what Gnome as a project envisions gnome 3 to be into something Canonical specific.

    By release 11.04 I really don’t expect it will be appropriate to call the default Ubuntu desktop a gnome desktop at all as pretty much all the exposed UI will be Canonical specific and not part of Gnome 3 upstream codebase. I very much doubt Canonical will ship gnome-shell as the default desktop UI..ever.

  9. Avatar Wagner Sartori Junior July 28, 2010 @ 3:07 am
    Reply

    shorewall is the best firewall package available. It does not have a GUI but is very easy to configure and put a firewall up.

  10. Avatar Amydfdk10 September 25, 2014 @ 12:12 pm
    Reply

    It is very important to have
    It is very important to have the best Firewall tools for any sort of platform to enable strength. Even though I am not really into Ubuntu, I enjoyed reading about the recommended Firewall tools that can be used for the Ubuntu platform. http://seomysitepro.com

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Dell Technologies Expands PowerProtect Portfolio, Embraces Data Protection Priorities
  • Wipro, Navisite, 2nd Watch Bolster Cloud Service Portfolios
  • IBM Cloud for Telecommunications to Rely on Integrators Right Away
  • WANdisco Partners Get First Formalized Partner Program

Galleries

View all

New, Changing Partner Programs: AWS, Tech Data, Avaya, Verizon

January 11, 2021

Industry Perspectives

View all

Help Your Customers Mitigate Malware: Viruses, Worms, and Trojans…Oh My!

January 15, 2021

SMBs’ Cybersecurity Risk Awareness Is Rising

January 13, 2021

Your Cloud Data Is Protected, But Is It Portable?

January 12, 2021

Webinars

View all

Blueprint for a Scalable MSSP Practice in 2021

January 21, 2021

Who’s Behind the Mask? Hacker Personas Explained

January 26, 2021

How Managed Hosting Providers Thrive with the Alternative Cloud

February 24, 2021

White Papers

View all

Why Subscription Business Model

January 15, 2021

The Ultimate MSP Guide to Sales Efficiency

January 14, 2021

Eight Reasons Why MSPs Need IT Industry-Specific Sales Tools

January 14, 2021

Upcoming Events

View all

Channel Partners Virtual

March 2, 2021 - March 4, 2021

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

.@IBMServices snaps up #MSP Taos for #hybridcloud expertise. dlvr.it/RqggQR https://t.co/Fy3uPDtLNw

January 16, 2021
ChannelFutures

.@LenovoBusiness launches its thinnest #ThinkPad to date @CES, revamped ThinkBooks and #ThinkReality glasses.… twitter.com/i/web/status/1…

January 16, 2021
ChannelFutures

Help your customers mitigate #malware @Tech_Data #cryptolocker #antivirus #ransomware #cybersecurity… twitter.com/i/web/status/1…

January 15, 2021
ChannelFutures

Advantages of the Subscription business model for MSPs and IT Resellers @kaspersky dlvr.it/RqgDJn https://t.co/ay694fudp3

January 15, 2021
ChannelFutures

Cloud #distributor @Pax8 launches in UK with leadership team in place. dlvr.it/RqfJWx https://t.co/RsKDCowM5V

January 15, 2021
ChannelFutures

bit.ly/3oO2vFY twitter.com/Craig_Galbrait…

January 15, 2021
ChannelFutures

The Ultimate MSP Guide to Sales Efficiency @zomentum dlvr.it/Rqc63q https://t.co/rHIVLkR01K

January 15, 2021
ChannelFutures

Eight Reasons Why MSPs Need IT Industry-Specific Sales Tools dlvr.it/Rqc62k https://t.co/MQDcIYc7G9

January 15, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X