Do I need a firewall?

[gentoobloke]

If my PC does not have any TCP/UDP ports open should I use a firewall or is there no need. My PC is only switched on when I am using it, and is always shut down when I am finished.

Netstat shows:-

bash-2.05b$ netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 1125616 /tmp/.X11-unix/X0
unix 2 [ ACC ] STREAM LISTENING 1125697 /tmp/ksocket-gentoobloke/kdeinit__0
unix 2 [ ACC ] STREAM LISTENING 1125699 /tmp/ksocket-gentoobloke/kdeinit-:0
unix 2 [ ACC ] STREAM LISTENING 1125705 /tmp/.ICE-unix/dcop24710-1112859916
unix 2 [ ACC ] STREAM LISTENING 1125873 /tmp/.ICE-unix/24729
unix 2 [ ACC ] STREAM LISTENING 1125726 /tmp/ksocket-gentoobloke/klauncheryUrVVb.slave-socket
unix 2 [ ACC ] STREAM LISTENING 1125802 /tmp/mcop-gentoobloke/calmbeast_jahloft-6094-4254e50d

-nolisten options are set for X.

I am unsure if the UNIX domain sockets should be a concern.

Thanks in advance,

G.B

[Ateo]

Well, as far as I know, intrusion can only occur if the intruder has a service to exploit. If you have no services running, there's no way to get into your box. However, I still suggest a firewall, just for added protection from say... a DoS attack.... just my 2 cents..

[Jicksta]

Well, a port could later become open through an exploit in a program.

Say GAIM has a file transfer exploit or Konqueror allows a user to execute remote commands. A third party may be able to remotely open a port and communicate with whatever backdoor is open. A firewall will keep intrusions like this out since, even if a port is opened, no information on that port will be received.

I'm neither a firewall expert nor a firewall user so take my advice with a grain of salt.