If you can’t rely on your local network being firewalled the onus is on you to make sure that you have a firewall running on your computer. On linux you have iptables, which is remarkably easy to use if you have at least a basic understanding of how networking works (and/or google). Without going into details, you REALLY, REALLY. REALLY need to have your OWN firewall running if you are based at Umeå University.
Your needs may vary, but here’s a script that you can put in e.g. /etc/firewall_rules.sh
Have it called from /etc/rc.local so that it starts during boot.
#!/bin/sh
sudo iptables -F #FLUSH
#INPUT
sudo iptables -A INPUT -m conntrack –ctstate ESTABLISHED,RELATED -j ACCEPT #allows network
sudo iptables -A INPUT -i lo -j ACCEPT #127.0.0.1
sudo iptables -A INPUT -s 127.0.0.1 -j ACCEPT
sudo iptables -A INPUT -p tcp –dport ssh -j ACCEPT #ssh -world!
sudo iptables -A INPUT -p icmp –icmp-type 8 -j ACCEPT -s 192.168.1.0/24 #ping
sudo iptables -A INPUT -d 255.255.255.255 -j ACCEPT #broadcast traffic
sudo iptables -A INPUT -m limit –limit 15/minute -j LOG –log-level 7 –log-prefix ” Dropped by firewall ”
sudo iptables -A INPUT -m limit –limit 15/minute -j LOG –log-level 4 –log-prefix “[netfilter]”
sudo iptables -A INPUT -j DROP #drop all else
#OUTPUT
sudo iptables -A OUTPUT -o lo -j ACCEPT #127.0.0.1
sudo iptables -A OUTPUT -j ACCEPT #all outgoing ok
#FORWARD
sudo iptables -A FORWARD -p icmp –icmp-type 8 -j ACCEPT
#Default behaviour
sudo iptables -P INPUT DROP
sudo iptables -P OUTPUT DROP
sudo iptables -P FORWARD DROP
exit 0