July 7, 2011, 10:35 p.m.
posted by jack
Anyone with a machine or network that interacts with the Internet should have a firewall in place. Firewalls block unwanted or unknown traffic while letting legitimate packets gain access to valid services or systems.
Under Linux, there are three ways of controlling which hosts or networks may reach a service: iptables, TCP wrappers, or the individual daemon's own configuration settings. iptables is the only one of the three that can be considered a truly hardened way of limiting service access on an untrusted network (a personal firewall) and that also works either on a stand-alone server or in a full-blown network firewall configuration. It can be difficult to master, but there are various GUI tools to help you along the way. The other two methods are good for trusted networks and for setting up quick departmental restrictions on the services of a stand-alone server, but technically they cannot be classified as firewalling: they act only on the daemons that consult them, and only after the packet has already reached the host.
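An added example (not code from the original post) of the iptables approach on a stand-alone server: a default-deny ruleset in iptables-restore format, with SSH reachable only from an assumed admin subnet (192.0.2.0/24, a placeholder) and only the web ports open to everyone, plus the TCP wrappers equivalent for contrast. The helper count_public_ports is my own addition; it counts how many TCP ports the ruleset opens to the whole Internet.

```shell
#!/bin/sh
# Added example, not code from the original post. Emits a default-deny
# iptables ruleset for a stand-alone server; apply (after review) with:
#   gen_rules | iptables-restore
ADMIN_NET="${ADMIN_NET:-192.0.2.0/24}"   # assumed admin subnet (placeholder)

gen_rules() {
  cat <<EOF
*filter
# Default policy DROP: a port is reachable only if a rule below opens it
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Loopback, and replies to connections this host initiated
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
# SSH only from the admin subnet, never from the whole Internet
-A INPUT -p tcp --dport 22 -s $ADMIN_NET -m conntrack --ctstate NEW -j ACCEPT
# The public services this host is meant to serve
-A INPUT -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -j ACCEPT
# Rate-limited log of everything else so denied traffic stays visible
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "FW-DROP: "
COMMIT
EOF
}

# TCP wrappers equivalent for contrast: only daemons linked against libwrap
# honour /etc/hosts.allow, and the packet has already reached the host, so
# this is per-daemon access control rather than a firewall.
gen_hosts_allow() {
  cat <<EOF
sshd: 192.0.2.0/255.255.255.0
ALL: ALL: DENY
EOF
}

# Number of TCP ports the ruleset opens to any source (rules with no -s
# restriction): the fewer, the better.
count_public_ports() {
  gen_rules | grep -- '-p tcp' | grep -v -- ' -s ' |
    sed -n 's/.*--dports\{0,1\} \([0-9,]*\).*/\1/p' | tr ',' '\n' | wc -l | tr -d ' '
}
```

Run `gen_rules` on its own first and read the output; only pipe it into iptables-restore once the open ports match what the host is actually meant to serve.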
Just remember three important points:
The more ports you open up in a firewall, the less secure your system is.
To be truly effective, firewalls and external security systems must be built on top of systems that already have best practice foundational security elements in place.
Security that you don't both fully understand and fully control is just an illusion.