I pretty much have always thought there should be a good firewall between any system and the internet, however a man that i respect and has been in the hosting field for several years told me that on my web/mx server that i don't need one, because I only have so many ports opened up on it. I currently don't have a firewall in front of this box, but wanted your opinions about it. Here are the ports I have open from mxtoolbox port scan 6 open ports: 21 ftp Success 62 ms 22 ssh Success 78 ms 25 smtp Success 78 ms 80 http Success 78 ms 110 pop3 Success 78 ms 143 imap Success 78 ms Eager to hear what you all have to say. -S-
You don't need a Firewall in all circumstances. It all depends on your configuration and peace of mind. I run a Firewall at home and at work. Obviously I am a bit of a dork so I run overkill Firewall at home because I like to understand. I have ran Smoothwall, IPCop, and various other Linux made Firewalls. At work I tend to stick with CheckPoint and it runs very well. If you're just going to use SELinux or some kind of ACL on your Linux box touching the world, you could be OK but it all depends on experience and how well you can detect or prevent threats. Firewalls are not that much overhead in my opinion and worth the work / knowledge.