UFW on ParrotSec? Any thoughts?

firewall
(Jessica) #1

Hello

Firewall is one of the biggest necessecity for a secure device. Ive used UFW [uncomplicated firewall] on Mint and Debian before. Loved it. Did the job, was simple to operate, had GUI and was opensource.

Pretty sure most linux users may have heard about it but if someone is new to UFW, heres a wiki link

I thought i would install it on ParrotSec but before i do anything, I would like to know from the community if this is a good idea. Will it break my machine? because ive heard that installing a firewall on a pentesting OS would not be a good idea. On the same hand, i want my machine to be stealth and hidden in open networks.

All suggestions are welcomed.
Thank You! :blush:

(Matt) #2

People seem to get confused about this a lot, Parrot has a firewall. iptables is installed on your system and it can do everything UFW can do.

UFW is just a wrapper for iptables that makes it easier to use, hence the name ‘uncomplicated firewall’. You can also get a GUI for it called GUFW.

From the ubuntu wiki:

The default firewall configuration tool for Ubuntu is ufw. Developed to ease iptables firewall configuration, ufw provides a user friendly way to create an IPv4 or IPv6 host-based firewall. By default UFW is disabled.
Gufw is a GUI that is available as a frontend.

So if you arnt confident with iptables, then installing UFW will make it easier to add rules.

3 Likes
#3

Do you have a link to iptables configuraion?

#4

I have been using GUFW myself. I use it based on some assumptions, such as, the “Home,Office, Public” option deals with local communications. The “Allow Out” allows all outbound communications. Will this setting overrided any Iptables settings that may block some outgoing by default The “Deny In” blocks all incoming communications. (or does it just block unsolicited incomming communications?). I guess my question is, are Iptables safer by default than GUFW as set above?

(Jessica) #5

Thats the thing. Im not sure if it will break my system or network. Which is why i was looking for someone who uses gufw and has decent expreience to let me know if they had any problems running stuff like proxychains and tor and nmap and other stuff.