Why would I need a firewall if my server is well configured?
Posted
by
Aitch
on Server Fault
See other posts from Server Fault
or by Aitch
Published on 2011-02-08T12:50:18Z
Indexed on
2011/02/08
15:27 UTC
Read the original article
Hit count: 272
I admin a handful of cloud-based (VPS) servers for the company I work for.
The servers are minimal ubuntu installs that run bits of LAMP stacks / inbound data collection (rsync). The data is large but not personal, financial or anything like that (ie not that interesting)
Clearly on here people are forever asking about configuring firewalls and such like.
I use a bunch of approaches to secure the servers, for example (but not restricted to)
- ssh on non standard ports; no password typing, only known ssh keys from known ips for login etc
- https, and restricted shells (rssh) generally only from known keys/ips
- servers are minimal, up to date and patched regularly
- use things like rkhunter, cfengine, lynis denyhosts etc for monitoring
I have extensive experience of unix sys admin. I'm confident I know what I'm doing in my setups. I configure /etc files. I have never felt a compelling need to install stuff like firewalls: iptables etc.
Put aside for a moment the issues of physical security of the VPS.
Q? I can't decide whether I am being naive or the incremental protection a fw might offer is worth the effort of learning / installing and the additional complexity (packages, config files, possible support etc) on the servers.
To date (touch wood) I've never had any problems with security but I am not complacent about it either.
© Server Fault or respective owner