Is my home laptop safe with firewall activated?

On my home laptop I have Kubuntu 18 with internet cable through network .
To connect to the internet no additive options/credentials,
with firewall activated :

 sudo ufw status numbered
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Apache Full                ALLOW IN    Anywhere                  
[ 2] Apache Full (v6)           ALLOW IN    Anywhere (v6)

Can I be sure that my laptop is safe with firewall activated ?
I have apache installed with several local hosts I work with.
I do not have any additive servers which are eccessible in internet.


Well let me first suggest that running websites from a laptop is probably not a viable longterm strategy.

‘Can I be sure that my network enabled device is safe’ is always answered by ‘no’, because of the words ‘network enabled’.

What attack vector are you trying to suggest you are safe from?

Some time ago I encountered that several mysql databases were deleted with content :

To recover your lost Database send 0.03 Bitcoin (BTC) to our Bitcoin address 17MdANTVUPfn1SaqbbTQCNgAvQnoaQ6M2s and contact us by Email with your Server IP or Domain name and a Proof of Payment. Your Database is downloaded and backed up on our servers. Backups that we have right now: Boxbooking2_LIVE_2019_06_20, Hostels2, Votes. Any email without your server IP Address or Domain Name and a Proof of Payment together will be ignored. If we dont receive your payment in the next 10 Days, we will delete your backup.

I restored these these databases, that was not a problem, but I looked into why it happened so I found that firewall was inactive :

 sudo ufw status verbose
Status: inactive

and weak password for root credentials.
I enabled firewall and created new mysql user with strong password and I did not have any problems like that,
but still not sure if I am safe now from such ( or similar ) problems?

I do not have any additive servers which are eccessible in internet.

That was just an example that I do not need any input requests into my system…

Depends entirely on how they got into your system.

Did they get into your system because your firewall was open and your mysql database was listening for remote connections?

Did they get into your system because your code has injection vulnerabilities?
Did they get into your system because they guessed your login credentials?

I can only guess how they(and who) got into your system and
that reason was thar firewall was open and weak password.

My mysql database works only localy on installed apache…
Have I to take any additive measures to be safe for sure?

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.