LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 12-04-2018, 11:21 AM   #1
Chris.Bristol
Member
 
Registered: Jul 2011
Distribution: Ubuntu Budgie 17.10
Posts: 195

Rep: Reputation: 4
NitroShare and UFW firewall


I have installed NitroShare 0.3.1* on Ubuntu 18.10 and 0.3.4 on Windows 7. I can transfer files in either direction with UFW firewall off, but not with it on. I assumed that I needed to add some rules to UFW and tried adding a rule (see first attachment) and something similar for the broadcast port 40816. The result can be seen in the second attachment.

Is this correct? I don't want to take any risks...
--------
*The standard version 0.3.3 has a bug, it isn't related to security, it just stops the transfer.
Attached Thumbnails
Click image for larger version

Name:	ufw1.png
Views:	12
Size:	22.3 KB
ID:	29096   Click image for larger version

Name:	ufw2.png
Views:	12
Size:	63.3 KB
ID:	29097  

Last edited by Chris.Bristol; 12-04-2018 at 06:01 PM.
 
Old 12-05-2018, 03:17 PM   #2
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 10,178
Blog Entries: 7

Rep: Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518
it looks like you opened port 40818 in both directions, for all connections, all (both) protocols.
of course that slightly reduces firewall security.
you can probably tighten it a little, but it is what it is: a whole in your firewall.
and without any holes, your computer cannot benefit from the internet at all.
 
1 members found this post helpful.
Old 12-05-2018, 03:53 PM   #3
KIOPRET
LQ Newbie
 
Registered: Nov 2018
Posts: 11

Rep: Reputation: Disabled
I prefer to rely on antiviruses, it`s usually enough for me )) however, are Ubuntu firewalls better than those for Windows, how do you think?
 
Old 12-05-2018, 04:43 PM   #4
Chris.Bristol
Member
 
Registered: Jul 2011
Distribution: Ubuntu Budgie 17.10
Posts: 195

Original Poster
Rep: Reputation: 4
Quote:
Originally Posted by ondoho View Post
it looks like you opened port 40818 in both directions, for all connections, all (both) protocols.
Good thing I asked then! So it's open to anything connected to my modem/router/hub on either side, which includes the Internet - so everywhere really. I thought I had just permitted WiFi connections to this side of my hub - the other computer.


I need a shell command something like 'ufw permit that other one' but ufw info doesn't show anything suitable. I'll have to find some UFW documentation.

Last edited by Chris.Bristol; 12-05-2018 at 05:01 PM.
 
Old 12-06-2018, 05:13 AM   #5
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 10,178
Blog Entries: 7

Rep: Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518
maybe your router ("hub"???) also has a configurable firewall.
that's where you could try to close that port to outside connections.
i don't think UFW can influence that. but it could allow port 40818 only from a certain IP address (or a range thereof).
 
Old 12-06-2018, 11:41 AM   #6
Chris.Bristol
Member
 
Registered: Jul 2011
Distribution: Ubuntu Budgie 17.10
Posts: 195

Original Poster
Rep: Reputation: 4
I have a Linux computer and a Windows computer.
https://wiki.archlinux.org/index.php...cated_Firewall says:
Quote:
Basic configuration

A very simplistic configuration which will deny all by default, allow any protocol from inside a 192.168.0.1-192.168.0.255 LAN, and allow incoming Deluge and rate limited SSH traffic from anywhere:

# ufw default deny
# ufw allow from 192.168.0.0/24
# ufw allow Deluge
# ufw limit SSH
So I picked out
# ufw allow from 192.168.0.0/24
to
Quote:
allow any protocol from inside a 192.168.0.1-192.168.0.255 LAN
which sounds right to me. I'll have to work out how to do this on the Windows computer as it's not appropriate to ask about that on LQ .

Last edited by Chris.Bristol; 12-06-2018 at 05:18 PM.
 
Old 12-07-2018, 02:06 AM   #7
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 10,178
Blog Entries: 7

Rep: Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518Reputation: 2518
Quote:
Originally Posted by Chris.Bristol View Post
# ufw allow Deluge
# ufw limit SSH
I don't like UFW's "application" settings, because
a) i like to know what exactly is being applied
b) they create the illusion of being for application-specific traffic, which they're not.
 
  


Reply

Tags
nitroshare, ufw


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
nitroshare houndhen Bodhi 1 01-09-2015 08:10 PM
LXer: Share your files easily on your computers with NitroShare LXer Syndicated Linux News 0 05-26-2013 07:20 PM
LXer: NitroShare: Easily Send Files To Other Machines On The Local Network Linux, Windows LXer Syndicated Linux News 0 07-11-2012 11:30 PM
LXer: Easily Share Files Over Local Network Using 'NitroShare' LXer Syndicated Linux News 0 06-24-2012 09:50 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:23 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration