Firewall, Privileges, and System Administration in Linux

Published on: January 20, 2025
Author: Dirghayu Joshi

When working with Linux systems—whether locally or in the cloud—understanding firewalls, privileges, and system updates is essential for both security and stability. This post walks through these fundamentals in a way that applies directly to day-to-day administration tasks.


What is a Firewall?

In short, a firewall is a utility that sits on your computer between your network connection and the rest of your system.

Any application, service, or data that is sent or received by your computer must first pass through the firewall. Since the dominant network protocol is TCP/IP, this means we're dealing with packets.

A firewall inspects these packets—not their contents, but their outer metadata such as:

  • Source IP address
  • Destination IP address
  • Port number

👉 The payload, meaning the data actually being transmitted, is not read by the firewall.

Principle of Least Privilege

In firewall management, we generally apply the Principle of Least Privilege. That means:

  • By default: drop all new connections.
  • Allow only a few necessary exceptions (known as whitelisting).

This keeps the attack surface small and predictable.


Privilege Elevation in Linux

To make system-level changes (like configuring firewalls), you need administrative privileges. Elevating your privileges allows you to perform actions beyond a normal user account.

  • On Linux, only accounts that belong to the administrator group can elevate privileges.
  • The name of this group depends on the distribution. For Ubuntu, it's called the sudo group.

When you created your Azure VM, the first user account was automatically added to the sudo group during deployment.

The sudo Command

Normally, the shell will ask for your password as an extra precaution when using sudo. However, in cloud-based Linux VMs, password-less sudo access is common.

sudo is the preferred method for running admin-level commands—especially if you only need to run one or two.

⚠️ Be careful with sudo
The root user has the power to do anything—including accidentally deleting all files. Only use sudo when absolutely necessary.

Switching to Root

Sometimes you may want to switch directly into a root shell.

sudo su -

To exit root mode and return to your standard user account:

exit

Security Defaults

Most systems and software ship with pre-configured defaults to make initial setup easy. These might include:

  • Default usernames and passwords
  • Default ports
  • Default configurations

In a well-secured system, these defaults should always be changed. If you know the defaults, chances are hackers know them too.


Keeping Your Linux System Updated

Keeping your system up to date is one of the most important tasks of a Linux administrator. Updates not only improve functionality but also patch critical security vulnerabilities.

To update packages on Ubuntu:

sudo apt update && sudo apt upgrade

Kernel Updates

The kernel is the heart of the operating system. It handles core functions like memory management, CPU scheduling, and device interaction.

If a kernel update is installed, you must reboot the system to apply it:

sudo reboot

Firewalls on Ubuntu: From UFW to iptables

By default, Ubuntu comes with UFW (Uncomplicated Firewall). While UFW is powerful, it can be overly complex for some use cases.

For finer control, administrators often switch to managing iptables rules directly. This requires:

  1. Removing the ufw service.
  2. Installing the iptables-persistent package.
  3. Configuring systemd to manage your firewall service at boot.

What is systemd?

systemd is the init system and service manager used in most modern Linux distributions. It's responsible for:

  • Booting the system
  • Starting and stopping services
  • Managing processes

When you enable a firewall (or any other service) to run on startup, it's systemd that ensures it happens.

For example, to enable and start a service with systemd:

sudo systemctl enable <service>
sudo systemctl start <service>
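
The default-drop policy and the iptables-persistent setup described above can be put together as follows. This is an added example, not code from the original post: the function names and the sample ports 22 and 443 are assumptions, while /etc/iptables/rules.v4 and the netfilter-persistent service are what the iptables-persistent package uses on Ubuntu.

```shell
#!/bin/sh
# Added example (not from the original post). Ports 22 and 443 are sample values.

# build_ruleset PORT...: print an IPv4 ruleset in iptables-restore format that
# drops all new inbound connections except the listed TCP ports.
build_ruleset() {
    # Validate every port before printing, so a typo never yields a partial file.
    for p in "$@"; do
        case "$p" in
            ''|*[!0-9]*|??????*) echo "invalid port: $p" >&2; return 1 ;;
        esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
            echo "port out of range: $p" >&2; return 1
        fi
    done
    # Default policies, then loopback and replies to connections this host opened.
    printf '%s\n' '*filter' \
        ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' ':OUTPUT ACCEPT [0:0]' \
        '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # One allowlist entry per requested port.
    for p in "$@"; do
        printf '%s\n' "-A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    printf '%s\n' 'COMMIT'
}

# audit_ruleset FILE: fail unless INPUT defaults to DROP, then print the
# TCP ports the file opens, sorted, on one line.
audit_ruleset() {
    grep -q '^:INPUT DROP ' "$1" || { echo "INPUT policy is not DROP" >&2; return 1; }
    sed -n 's/.*--dport \([0-9][0-9]*\).*/\1/p' "$1" | sort -n | paste -s -d ' ' -
}

# Typical use on the VM (keep the SSH port in the list or the session is cut off):
#   build_ruleset 22 443 | sudo tee /etc/iptables/rules.v4
#   sudo iptables-restore --test < /etc/iptables/rules.v4
#   sudo systemctl enable --now netfilter-persistent
# /etc/iptables/rules.v6 needs its own ruleset; this file covers IPv4 only.
```

Running audit_ruleset against the saved file after each change gives a quick check that the allowlist still contains only the ports you intended.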

Wrapping Up

To effectively manage a Linux system, you need to master three things:

  1. Firewalls — Protect the system by controlling incoming and outgoing traffic.
  2. Privileges — Use sudo wisely and avoid unnecessary exposure to root powers.
  3. Updates — Keep the system patched and the kernel current.

With these fundamentals in place, you'll have a strong foundation for securing and maintaining both personal and cloud-based Linux environments.
