Firewall and daemons

You should always have an active firewall. It allows you to control what ports your PC uses to communicate with the Internet. Ideally, all ports are closed.

Start "Menu | Setup | Linux-Firewall Wizard".

Go to the "default" entry using the Arrow Down key (this option closes all ports) and press Return.

Now you can check the firewall rules. Confirm the default ("Yes") with the Return key.

The line that reads "Performing sanity checks ..." should display "PASSED" now. Press the key you love best ...

... to get to the next dialogue. It allows you to activate the firewall rules.

Confirm the default ("Yes") with the Return key.

The firewall is now active. Hit Return to finish setup.

The "default" option you selected closes all ports. You can specify which ports should be left open using the Firewall Wizard's "custom" option. You should only open the ports you really need. If you use a certain port only occasionally, you should open it only when you need it. An open port is usually not a security risk per se. It only becomes vulnerable if your PC is running a service (a so-called "daemon") which uses that port to listen for incoming requests. This is why you should not run any daemons you do not need on your PC.

This is how to check for which ports are open and which services are running:

Install the Program nmap. Nmap is available as a PETget.

Open a shell and enter:

nmap localhost

This lists open ports. A home user without a home network of her own should have no open ports. The X11 service is open because it is the one responsible for the graphical desktop.

The following command gives you a list of which services are listening on which ports:

netstat -anp --ip

This list, too, should be empty except for the X11 port if you are a home user who does not run a web server or a home network; i.e., no services (daemons) should be running.

You can test your firewall at the Web site Shields Up!. Load the page and click the Proceed-button.