Attacks, security advice, and firewalls
A firewall is a SW to filter or discard network packets and port requests from forbidden addresses or via closed ports. It can also discard valid packets with wrong credentials so they never reach your OS internals and applications.
Considering that for decades, many ports were open on Windows by default, without a firewall, this was like having an unguarded and half-opened vault – easy to hack.
Conversely, Linux distributions have all ports closed by default – this is why hacking them is extremely hard, and also why, despite firewalls being pre-installed on many distributions, they are often disabled by default.
In addition, the Linux kernel lives in a separate namespace/memory, accessible only by special means and only from SW explicitly installed on the machine. Its management also requires an administrator’s password.
By default, any Linux distribution is installed with a user with administrative privileges...
