On 2020-02-23 19:45, Tim via users wrote:
On Sun, 2020-02-23 at 09:56 +0800, Ed Greshko wrote:
your IPv4 address is also a Public IP address the same way the IPv6 address is. Directly connected to the Internet with no NAT. Also, your modem does not have an internal Firewall. Therefore, the firewall on your system is vital.
I'd say it's even *more* vital that if you run any services (SSH, mail, FTP, HTTP, DNS, etc), that you configure them securely, than rely on a firewall to protect them.
Well, if you are going to expose those services to the outside world that almost goes without saying.
But, the OP has no desire, it seems, to do that.
So, if one would check, all ports are now "filtered".
e.g. If you ran a test webserver, but didn't intend to serve it to the WWW, then you'd configure the test webserver to only listen to internal addresses/interfaces. Likewise with any other server that you don't intend to be externally accessible.
His system seems to be quite stand-alone.
He only has one interface connected to the Internet and one for virtual machines. No LAN and no apparent WiFi interface.