Lowering your attack surface
Your Ubuntu Server installations will likely have one or more important applications running on them, some of which might be available to the public internet. This is very common for web servers, for example, as it's the primary goal of a web server to offer a website that your users can access. Every application that is accessible from outside the walls of your organization is a potential entry point for threat actors who might attempt to break into your server. The attack surface of a server is essentially a list of all the things that are potentially exploitable. In regards to security, it's important to understand which applications must be accessible remotely, and which ones you can lock down. Every application you lock down lowers the likelihood of it being taken over by an outside threat. The process of locking things down is what we refer to as lowering your attack surface.
Ideally, in a perfect world, we would disallow...