I’ve been running my server without a firewall for quite some time now, I have a piped instance and snikket running on it. I’ve been meaning to get UFW on it but I’ve been too lazy to do so. Is it a necessary thing that I need to have or it’s a huge security vulnerability? I can only SSH my server from only my local network and must use a VPN if I wanna SSH in outside so I’d say my server’s pretty secure but not the furthest I could take it. Opinions please?
I just went done this road and i’d say it is worth it even only for the learning part. I’ve set counter per application in nftable, and via a python script send them in SVG graph format to Glance dashboard. The result is I can monitor my whole network per application and the best part it all add up very well so I know there is no ‘unknown’ outgoing or ingoing traffic on my machine.