To find out what your ip address is do:
sudo ip addr
This will list all the network adapters on your system and show their
addresses, if they've been given one.
As to firewalls:
Plugging the workstation directly into the Comcast cable modem puts your
computer directly on the internet, where everyone can hack away at it
trying to break in. I always put some sort of router in between the
cable modem and my computer. They're available for cheap and are
usually plug-and-play. The router connects directly to cable modem,
i.e., the internet, and gets a public address while the workstation
connects to a private local intranet created by the router. Nothing on
the workstation can be accessed from the public internet unless I
specifically change the router's configuration to forward ports through
it to my workstation. In the situation you described there would be no
need to do such a thing. When connected in this manner the computer can
see everything on the internet, but nobody on the internet can reach the
computer.
With that setup in place the firewall on your workstation really doesn't
matter, but I always put one in place anyway. If you decide not to go
with a router between you and the public internet, then you definitely
want to do the following:
1) Check to see if the firewalld daemon is up and running and is
"enabled" to start automatically at boot:
sudo systemctl status firewalld
2) If sytemctl says it can't find firewalld, then install it with dnf,
start it, and enable it with systemctl:
sudo dnf install firewalld
sudo systemctl enable --now firewalld
Your system now has a firewall running with only the minimal ports
needed open up on it.
Get to know the firewall-cmd command. That's how you tell firewalld
what to block/allow. Like if you ever did want to open up for ssh,
let's say. Do "man firewall-cmd" and read all about it. Here's a few
basic commands to get you started:
To see your current firewall config:
sudo firewall-cmd --list-all
Pay particular attention to the "interfaces", "services", and "ports"
lines in the output. "interfaces" lists the network interfaces that are
part of this zone and use the rules defined within the zone. firewalld
has multiple zones predefined to support different use cases but that's
advanced stuff you can explore later. For now just make sure that the
interface that your computer is using to connect to the network is shown
here (Check the "sudo ip addr show" output to get the interface name if
you forgot it.) "services" is a list of names of ports that have been
opened in the firewall. There will be a couple of those. "ports" is a
list of other port numbers, ones that didn't have predefined names,
which have also been opened. Initially that line will probably be blank.
To open up ports for services, learn these options:
sudo firewall-cmd --add-service / --remove-service
sudo irewall-cmd --add-port / --remove-port
Also pay attention to the --permanent option. It determines whether the
changes you make are only temporary or whether they are saved and
restored after a reboot.
Hope this helps.
--
David King
dave at daveking dot com
--
_______________________________________________
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
