Silk Road forums

Discussion => Security => Topic started by: eJ3k1 on July 02, 2012, 10:36 pm

Title: firewall / malware protection
Post by: eJ3k1 on July 02, 2012, 10:36 pm
So I have Ubuntu running from a fully encrypted hard disk. Tor and GnuPG both work.

Do I need to install any additional software like a firewall, to protect my machine from third parties installing malware?
Title: Re: firewall / malware protection
Post by: oscarzululondon on July 02, 2012, 11:08 pm
A firewall doesn't hurt, although your router should have one anyway. In your circimstances a Firewall is more useful to monitor outgoing connections to see if there are any leaks which may give away your identity.

Using Tor with a private unlisted bridge and a traffic obfuscator such as obfsproxy, which you can read about on the Tor website, gives you the ultimate protection:

https://www.torproject.org/projects/obfsproxy-instructions.html.en

Essentially this means your ISP doesn't know you are using Tor, and may think you're having an MSN chat or something instead. It's particularly useful if you think you are already being monitored.
Title: Re: firewall / malware protection
Post by: LouisCyphre on July 03, 2012, 10:28 am
Quote from: eJ3k1 on July 02, 2012, 10:36 pm
So I have Ubuntu running from a fully encrypted hard disk. Tor and GnuPG both work.

Do I need to install any additional software like a firewall, to protect my machine from third parties installing malware?

It's worth running IPTables or similarly capable firewall/network filter on any system that connects to the Internet and especially so if it is providing services beyond your network.
Title: Re: firewall / malware protection
Post by: LouisCyphre on July 03, 2012, 10:43 am
Quote from: oscarzululondon on July 02, 2012, 11:08 pm
A firewall doesn't hurt, although your router should have one anyway.

Careful with this.  A lot, though certainly not all, of ADSL/cable modem-routers aren't really running as a firewall.  In a lot of cases they're just running NAT with port-forwarding if there's a server present.

Systems on the LAN are effectively protected because connections initiated by an external host are not recognised by the NAT routing and don't go beyond the WAN IP.  It is an unintended consequence of using NAT, which was only ever implemented as a kludge to try to make IPv4 addresses last longer.

With a firewall you want something with at least the capabilities of IPTables (which a lot of commercial products are based on anyway).