undetected, or so they say. This is a very elementary configuration.
# apt-get install gufw
On the screen click on UNLOCK
Then click on top so it looks like this:
- Code: Select all
Close gufw (Ctrl + Q)
To avoid pings from potential hackers, (if you want to ping your machine, omit this editing)
From the terminal edit this file
# nano /etc/ufw/before.rules
And leave this section looking like this:
- Code: Select all
# ok icmp codes
-A ufw-before-input -p icmp --icmp-type destination-unreachable -j DROP
-A ufw-before-input -p icmp --icmp-type source-quench -j DROP
-A ufw-before-input -p icmp --icmp-type time-exceeded -j DROP
-A ufw-before-input -p icmp --icmp-type parameter-problem -j DROP
-A ufw-before-input -p icmp --icmp-type echo-request -j DROP
And go to http://www.grc.com
Click on ShieldsUp
On the next screen, click again on ShieldsUP (it's under Hot Spots)
Next screen, click on Proceed.
Next screen, click on All Service Ports
In the next screen, wait for the ports' probing...
At the end, it should be all green (neon green) meaning you're in stealth.
Read the report under this from grc, mine reads:
"Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was
received from your system as a result of our security probing tests. Your system ignored and refused to reply
to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine
does not exist on the Internet. Some questionable personal security systems expose their users by attempting
to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice."
UPDATE!!! Feb 8 2015
I went up to Testing (Jessie) nuked systemd, installed sysvinit and tried to install gufw - no dice. Googled for a while, and found that you can install 'ufw' and configure it from the terminal:
# apt-get install ufw
# ufw enable <Enter>
To see if it is running:
# ufw status <Enter>
To avoid pinging do as explained above, go to grc.com and check for stealth and voilá!
Reference: https://wiki.ubuntu.com/UncomplicatedFi ... tuFirewall