I was confused when I saw no Firewall settings under Wifi and Internet in the System Settings app, investigated a bit and then realised there is actually no firewall installed at all. I had to manually install ufw, ufw-extras and plasma-firewall.
Am I missing something or is this not a legitimate security threat for the unassuming user? In light of the Windows 10 deprecation there is a large influx of new Linux users (like myself) ongoing, and many of them are not going to go out of their way to make sure their firewall is running (or even know to do so). Many of them are going to have to use untrusted networks, and without a firewall they could end up with compromised security, no? I ask because Windows in comparison always has its firewall turned on by default, do the same sensibilities not apply here?
A userspace firewall is no requirement for desktop computers connecting to the internet by way of a cabled connection to a router. It’s only really useful for WiFi-connected laptops.
Furthermore, UNIX-style operating systems don’t share the same kinds of vulnerabilities that Microsoft’s proprietary operating systems are known for. It’s a completely different design.
That’s not true - either iptables or nftables (or both) will be installed. Whichever is used, that is the actual firewall, everything else is just a GUI to interact with it.
Neither will be enabled or configured by default and I understand why you’d prefer a GUI configuration utility.
Mostly, but it can also be used to block users, groups or apps from accessing the network.
Unlike Windows, Linux operates on the principle of “secure by default.”
This means (in simplified terms):
In reality, Linux has a built-in firewall.
This firewall is configured very strictly, blocking all incoming packets.
Internal programs are allowed to send packets and receive replies.
Unsolicited packets, however, are generally blocked (discarded).
Only those who want to (or need to) relax this strategy need a program to manage (configure) the firewall.
When corresponding server programs (such as an SSH server) are installed, the necessary (strict) firewall rules are automatically activated.
However, if only an SSH client is used, the existing rules are sufficient.
Firewalls can also provide a false sense of security if the firewall is then attacked (which happens again and again).
When using “untrusted” networks, it is advisable to use a VPN (not a firewall) !
Yes - Manjaro Linux is completely different from Microsoft Windows (see comment #2).
A default Manjaro Linux installation expose no services on any network.
Thus a firewall is an explicit requirement which must be satisfied by the local system administrator - usually the person installing the system.
Due to the heaps of malware targeting Microsoft Windows need to control both incoming and outgoing traffic - thus the need for the Microsoft Security Center.
If you are a power user and you are adding services to your system you are responsible for protecting the services on your system.
Manjaro Linux assumes no responsibility what-so-ever for any actions or lack thereof that any end-user may of may not execute on their system.
Applications and service for securing your system
firewalld
opensnitch
portmaster
ufw
There is security applications for almost any purpose
