[Discuss] Trying to connect to internet in Debian
Kent Borg
kentborg at borg.org
Thu Jan 15 20:44:05 EST 2026
On 1/15/26 4:40 PM, Randall Rose wrote:
> Unfortunately I am in a situation where I need to rebuild some machines with only a Debian and a Fedora install disk to work from. With Debian, it's hard to connect to the internet since Debian doesn't like to provide a firewall in the initial install.
I think this is easier:
* Install the OS without a firewall.
* Get it working.
* Set up the firewall later—if at all.
Linux is quite secure as-is. If you don't install anything that is
listening on any ports, then there is nothing for the firewall to
protect. I don't worry in the least having my laptop on the open
internet because it is listening on no ports. Not even on 22 for ssh.
(On that machine I only ssh out, never ssh in.)
If you do have something listening, choose wisely what is listening,
configure it carefully, and keep your software up-to-date. (Whether you
have a firewall or not.)
But how in heck are you even going to get it /on/ the open internet?
Nearly every connection is going to be behind a NAT which isn't going to
allow incoming packets to reach you anyway.
Do an nmap scan of yourself and see what is listening, and ask why for
each hit. If you don't need it, then get rid of it or configure it to
only listen on localhost.
Then what do you need a firewall for? Okay, if you want it as an extra
layer, configure it. But get your computer working first, make the base
computer secure without a firewall, then add the firewall later. Easier
that way.
-kb
More information about the Discuss
mailing list