View Full Version : Concerning the Knoppix Firewall

08-19-2012, 02:26 AM
Response to an e-mail question posed to Klaus K by utu follows...

> Anticipated Forum question on Knoppix firewall:
> Is the Knoppix firewall active with 'easy' setting as a default?

Answer: Only if you activate the firewall from this tool, otherwise not.

> That is, if a novice user is unaware of the firewall, and has
> never clicked on { Knoppix>Knoppix Firewall>Main menu>Firewall active? },
> is the firewall active and doing 'its thing' anyway?

Longer answer: No. But in fact, an unmodified Knoppix does not require
an active firewall, since there are no services running which would be
accessible from the internet. So, even if running NO firewall, it means
that Knoppix can access everything over the network, but hosts from the
network cannot contact any service on Knoppix.

Therefore, if you do a network scan targetting an IP address running
Knoppix, you will get similar results with or without an active

So, why would you want to activate the "easy firewall setup" anyways?
There is a reason: If you want to start servers like apache, ftp, samba,
ssh local-only for testing, the "easy firewall" can be used to protect
them from being accessed from the local area network and the internet.
If you start no servers, you don't need it (though activating it anyway
will probably not slow down your internet access in a noticeable way).

> I am presuming that is the case, but I don't know the answer.

The question probably comes from users who are used to their operating
system being easily hacked from the internet if they do NOT run a
firewall. But for Knoppix, this should not be the case, unless you
install or activate a server.

Technically, the fact that no ports are open to the outside world just
because there are no services running on them, would probably not count
as a "firewall", since they are not actively blocked.
