this post was submitted on 25 Nov 2023
1499 points (97.9% liked)
linuxmemes
20912 readers
1925 users here now
I use Arch btw
Sister communities:
- LemmyMemes: Memes
- LemmyShitpost: Anything and everything goes.
- RISA: Star Trek memes and shitposts
Community rules
- Follow the site-wide rules and code of conduct
- Be civil
- Post Linux-related content
- No recent reposts
Please report posts and comments that break these rules!
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
For everything? You still shouldnt be running all ports open around. As it would ease the work of hackers getting backdoor access.
So just close the ports (or more precise: Do not open them, as "closed" is the default for most software on Linux).
Yup, and if some bad software wants to create malicious webserver they can not do it as all the ports that are open are used in a legit way. And thus can not really communicate either one or the other way.
A webserver listens on port 80 or 443. Neither port can be claimed by a normal user (no port below 1024 can). But yes if you manage more than your own user on a desktop AND these other users are not allowed to start programs on their own THEN a firewall can be helpful; but this is not a normal situation for a desktop-client, isn’t it?