I’ve been running my server without a firewall for quite some time now, I have a piped instance and snikket running on it. I’ve been meaning to get UFW on it but I’ve been too lazy to do so. Is it a necessary thing that I need to have or it’s a huge security vulnerability? I can only SSH my server from only my local network and must use a VPN if I wanna SSH in outside so I’d say my server’s pretty secure but not the furthest I could take it. Opinions please?
IMO: Exactly the reverse. That’s how we get clients clicking and agreeing to everything presented without for once thinking critically.
In 6 working years (MSP) I had probably less than 10 occurrences of clients questioning a security concept from their own action.
If we didnt protect them from their own stupidity, the amount of cyber breaches would explode…
Just recently:
A client: I clicked on the box that is asking me for domain credentials.
The client didnt say what type of window it was or what happened before/after.
The client juat contacted us, because the pc wouldnt connect to the network and thus was unusable… >_>
Possibly it’s about personality types. I was only going on my own experience. Of always being told by a chorus of experts “Oh no you don’t want to do that!” and ending up being terrified to touch anything. When I now know that I usually had nothing to be afraid of, because dangerous things tend to be locked down by design, exactly as they should be.
Until they arent.
They are experts because they knew what clicking the wrong button might do.
E.g.: Database admins using the wrong script with a miscconfigured argument or a backup admin responding to a failover, tripple checking every setting to not create a problematic failover and then still clicking the wrong button causing an outage because some random behaviour caused an overload.
It happens. And best case you were better (double or tripple) safe than sorry.