Hello Pedro, thanks for the report; this was an explicit decision:
https://wiki.ubuntu.com/SecurityTeam/FAQ#UFW
Making firewall rules that are tight enough to stop threats yet open
enough for the computer to still be useful in a wide variety of
environments is very challenging. We've decided that it's better for the
tools to be available but not try to provide a default configuration.
Thanks
** Information type changed from Private Security to Public Security
** Changed in: ufw (Ubuntu)
Status: New => Opinion
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1999155
Title:
UFW Disabled by default
Status in ufw package in Ubuntu:
Opinion
Bug description:
UFW or iptables is disabled by default on both ubuntu server and
desktop, which poses a major security risk as ports that shouldn't be
open, are open by default, specially for incoming connections.
If UFW breaks working apps on Ubuntu server and desktop, at least make
it enabled by default but reject all incoming connections.
Malware and exploits are out in the open, and no one in their sane
mind would a Firewall suit disabled on Linux or Windows.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1999155/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
