You make some good points and I agree. But one problem is that if you have recent, new hardware (like in my case, a 7800x3d CPU and 7800xt GPU), you are better off going with something like Ubuntu 23 or 24. Debian 12 has Linux kernel 6.1; you need like 6.4 and up to get this new hardware to work. I guess those are the pros/cons of any distro; in Debian's case it is stability/security. Thanks for explaining about Debian...
One question on Debian 12:
- I install the Debian 12 minimal install as seen in your video.
- I then install docker.
- I created two nginx containers, with ports 8080 and 8081 respectively.
- I then make sure that I can access each container site, plus ping the Debian host.
- Now I install UFW, allow port 22/tcp, then enable it.
- I can still ping the Debian host and also access the two nginx sites { WHY ??? }
My question: How can I block everything and only allow access to ports that I need, like 22, 8080, 8081/tcp?
The ping/icmp portion is related to config in /etc/ufw/before.rules. As far as I'm aware you can't directly disable icmp via ufw commands and so you'll have to do it there. As far as your issue with nginx, I'm not seeing the same behavior. I left the default config in place and so I'm connecting over port 80, but that portion should not matter. Also note, I did not install via docker. Might want to verbosely list your rules and review: ufw show raw, or maybe look and see what's going on with iptables -L
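The before.rules change mentioned in the reply above, as an added example that is not part of the original comments: it reports the verdict of the inbound echo-request rule and writes an edited copy with only that rule set to DROP. The sample rules are constructed to resemble the ICMP block of a default before.rules file, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample: ICMP block modelled on a default /etc/ufw/before.rules.
sample_rules() {
cat <<'EOF'
# ok icmp codes for INPUT
-A ufw-before-input -p icmp --icmp-type destination-unreachable -j ACCEPT
-A ufw-before-input -p icmp --icmp-type time-exceeded -j ACCEPT
-A ufw-before-input -p icmp --icmp-type parameter-problem -j ACCEPT
-A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT

# ok icmp code for FORWARD
-A ufw-before-forward -p icmp --icmp-type echo-request -j ACCEPT
EOF
}

# Print the verdict (ACCEPT, DROP, ...) of the inbound echo-request rule,
# or "absent" when the file has no such rule.
echo_request_verdict() {
    awk '$1 == "-A" && $2 == "ufw-before-input" && /--icmp-type echo-request/ {
             for (i = 1; i < NF; i++) if ($i == "-j") v = $(i + 1)
         }
         END { print (v == "" ? "absent" : v) }' "$1"
}

# Write the rules to stdout with only the inbound echo-request rule set to DROP.
# The other ICMP types stay ACCEPT: they carry error signalling
# (for example path MTU discovery) that the host still needs.
drop_inbound_echo() {
    sed '/^-A ufw-before-input .*--icmp-type echo-request /s/-j ACCEPT[[:space:]]*$/-j DROP/' "$1"
}

# Demonstration on the constructed sample; the real file is never touched.
tmp=$(mktemp)
sample_rules > "$tmp"
echo "before: $(echo_request_verdict "$tmp")"
drop_inbound_echo "$tmp" > "$tmp.new"
echo "after:  $(echo_request_verdict "$tmp.new")"
rm -f "$tmp" "$tmp.new"
```

On a real host, review the edited copy against /etc/ufw/before.rules before replacing it, then run `sudo ufw reload` for the change to take effect.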
x80nix@x80deb:~$ shutdown
-bash: shutdown: command not found
x80nix@x80deb:~$ reboot
-bash: reboot: command not found
x80nix@x80deb:~$ sudo shutdown -k
[sudo] password for x80nix:
Broadcast message from root@x80deb on pts/3 (Thu 2024-03-14 16:32:20 EDT):
The system will power off at Thu 2024-03-14 16:33:20 EDT
x80nix@x80deb:~$ su -
Password:
root@x80deb:~# shutdown -k
Shutdown scheduled for Thu 2024-03-14 16:33:56 EDT, use 'shutdown -c' to cancel.

Don't include "-k" in your command though. If included, your system won't shut down. I was just using it for demonstration to avoid an actual shutdown.