On Sat, Dec 07, 2013 at 10:55:30AM -0600, Richard Owlett wrote: > I chose phrasing of subject line to emphasize some peculiarities of > my needs. > > End-user emphasizes: > - I am *NOT* an expert > - my system is never intended to be a "server" (...)
Based on this I suggest you use a simple firewall tool (GUI-based) to setup a basic firewall configuration. Firewall tools to setup a simple firewall from the Desktop: - Gufw, for GNOME. Available in Debian in the 'gufw' package. https://help.ubuntu.com/community/Gufw - Guarddog, for KDE. It is available in Debian in the 'guarddog' package. More info at http://www.simonzone.com/software/guarddog/ - Firestarter, for GNOME. It is available in Debian stable, but has, however, recently been removed from testing and unstable (not supported upstream anymore it seems). More information at: http://www.fs-security.com/ In a basic setup of the firewall it will allow *all* outgoing connections (regardless of the program) while block *all* incomming connections. This might be helpul: - if you inadvertedly install a server-type software - if you mis-configure (or a package admin does) a desktop based software (such as cups) to listen to then network, consequently exposing your system > A couple months of reading has left me confused as to a suitable > firewall. Did you read the "Securing Debian Manual" - here http://www.debian.org/doc/user-manuals#securing Granted, the content is not too up-to-date, but my answer is similar to what you can find here: http://www.debian.org/doc/manuals/securing-debian-howto/ch-sec-services.en.html#s-firewall-setup > Any help/direction appreciated. Hope the above helps. If you have suggestions on how to improve the "Securing Debian Manual" please send them my way (patchs/diffs preferred :) Regards Javier
signature.asc
Description: Digital signature