If you don’t know why you need a firewall it’s because you are not very tech savy. Don’t worry. You can discover by yourself why you need one. The router sitting in your house has one installed in it. And please don’t disable that by any mean. You can check why a firewall is important logging into your router. If you pick up your browser and point to the address http://192.168.1.1 it’s quite probable you find your router’s interface. But it’s also possible you can’t find any login option. It may be something like http://192.168.1.1/main.html. The user name and password can be easily guessed or even found in the manual or package that came with the device. You can try the following options:
Here a screenshot from one home use device:
The “embarassing” login prompt:
Yes, nobody told you. But you should change the administration password in your router. You can always reset the device to the factory state if you forget it, or the paper you wrote the password on gets fire.
Now. Somewhere in that interface there is a log capture system. It may be disabled. If it’s so turn it on. And come back 5 minutes later to read the logs. Take special care of reading the login attempts from the outside. Every minute your router is stopping someone (quite probably a bot nowadays) to get into your private network at home. In this era of new devices coming home with new capabilities such as internet connection this is more relevant than ever.
From those logs you can select a group of different ip’s. An IP is a number that computers understand and set a map for the streets and house numbers for the internet. Take one of those numbers and type in google: “whois” and the ip number. Like: “whois 78.265.39.48”. Now read one of the entries that google gave you. China? Russia? USA? It can come from anywhere on the planet and that address may not be the original one. But if the log states a login attempt from that address has been registered don’t doubt. Someone tried to reach access. It’s like having thousands of people a day knocking at your door.
This is a screenshot from a Telefonica’s home router where there are listed many blocked connections. The router’s firewall is doing its job correctly. Yes, some may be spiders from search engines, but others, may others indeed, are trying to mess around into your network. You really don’t want them.
Many operating systems, even those which are believed to be super safe as Ubuntu or even FreeBSD come with the firewall down. Windows and Mac too. That means there is nothing protecting them from those logins. And this has a very good reason. Nowadays computers are behind routers equipped with firewalls and the ISP’s are working hard to maintain their networks safe.
If as a manufacturer you would set the firewall on by default in any device one sure thing would happen. The user would find problems using it and they will come to the conclusion the device is broken. But it wouldn’t. It’d be protecting them. Since the majority of us is not tech savvy it’s believed to better have the firewall down. At least the router your ISP lend you will be protecting you. So don’t worry too much.
But you are setting your own UNIX workstation, aren’t you? Or maybe you are playing with a VPS (Virtual Private Server) you recently bought. Do you pretend to serve web pages from this server? Set a Firewall the minute you have that machine on and connected to the internet. This is mandatory, specially if you are installing a web server. Not doing so is considered negligent.