Firewall and internet security on Trisquel

2 replies [Last post]
jantaro
Offline
Joined: 03/05/2016

I discovered Electrum and bitcoin because it was preinstalled on Trisquel. I use as well Trisquel for dealing with the online plattform from my local bank. I managed to compile bitcoin-qt by myself, because I was told that it was safer than running a lightweight wallet, and, by the way, it works fine. I mean, I´m using Trisquel for dealing with money. So I m little concerned about what kind of safety measures should I run to stay as safe as possible when connected to the internet.

I m connected to the internet using a Router VG 8050 Comtrend that was provided by my phone company. ( Optical Fiber ).

The connection was like automatic, nothing was configured neither on the modem or computer, the technician just came to my house and... "plug and play".

Gathering some information I learned about a firewall called UFW, that would block incoming connections, so I suppose I should run it on to stay safer.

Little do I know about internet configuration and security but these are the ports I need to keep opened.

Default Bitcoin network protocol listen port is 18333 (testnet) and 8333 (standard bitcoin network )
Default RPC connection port 18332 (testnet)and 8332 ( standard bitcoin network )

I need as well the torrent client Transmission and Icedove working fine. I don´t know if I should keep any other ports opened apart from the ports above. Of course I need Abrowser and Midori working fine and loading all kind of websites.

Should I block all the incoming connections running

sudo ufw enable

?. And then, unblock the desired ports with?

sudo ufw allow 18333
sudo ufw allow 8333 etc...

Is there any ports I have to keep opened for Transmission and Icedove?.

Browsers will keep on loading pages after doing this?.

Do you recommend UFW for Trisquel or is there any other firewall for this distro?.

Should I configure something else on my router or O.S to stay as safe as possible when connecting my computer to the internet for moneytransfer?.

What kind of things should I check from my internet connection and how?.

Thanks in advance to those who could say something back. Kind Regards!.

loldier
Offline
Joined: 02/17/2016

To me, it looks fine. You need firewall rules if you run a Bitcoin node or a server. Normally no ports are open. Web browsers and torrent clients open the ports as they are needed and then close them.

There's a GUI for UFW called GUFW.

https://help.ubuntu.com/community/Gufw

Bitcoin mining tells you if the port is not open.

http://www.lurkmore.com/mining/port8333/

lembas
Offline
Joined: 05/13/2010

> Is there any ports I have to keep opened for Transmission and Icedove?

I think not. Opening the port is useful though for transmission but I don't think it's required. Just don't expect to do much seeding without.