Having been a casual reader of Schneier on security for some 15 years or so (and read some of his books), and having run BBSs and ISPs in my time. I have formed my limited approach on "security".
In my limited opinion, you either have something to protect - commercial interest, sensitive business data, anything potentially compromising - or you don't... really.

Now if you don't (really), worrying about it is not only a waste of time, it's counterproductive.
All you really need is to keep your (very little) even vaguely sensitive data on... something else. An unmounted partition, an external drive, an encrypted place... and to keep a good backup, so when Mr. Ching (a Mexican pun) writes to you saying "All your base data are belong to us (a Zero Wing pun), deposit ten grillion slitcoins in my wallet or else", you can - on the off chance these clowns actually managed to encrypt something - reply something on the lines of "CENSORED".
The fact that you're using a Linux-based system makes the chance of even that... trivial anyway.
I mean, common lore would have it that control systems for nuclear plants in Iran were running on MS Windows software...

Now if you do... that's another matter.
You would have to start with SElinux - or thereabouts - anyway.
Spend an inordinate amount of time and effort on encryption, packet sniffing, firewalls and... Black Ice (as in Gibson), pretty much. :·)
Even then, if you really have something worth protecting, it's probably worth the attacker's time, so you're on thin ice... my Pedigree Chum (a Snatch pun).

@DonBCilly Nice to know you have such a rich background. :bow:

I do not have anything important other than a normal home user.

Thanks @SchwarzerKater



Do you people think that a normal home user should use Gufw ? If I simply enable Gufw does the default settings allow normal browsing, Ktorrent, sharing files over local WiFi network, sharing files through ethernet inside the local network, and OS updates ? Because I have sometime back heard that people have trouble connecting to internet when using Gufw. Thanks.

If your PC is the only one attached to your WIFI then ufw (gufw) is a good choice. However, if you have more than one device attached to your wifi router then getting a wifi router with DD-WRT installed is even better. DD-WRT gives you access to features the MFG locks you out of, like transmitter power. I set my Buffalo N600 wifi's power to just enough mw to get the signal 50 feet from the router. DD-WRT also supplies a firewall which you can configure. It protects every device connected to it. You can use MAC addresses to automatically give each device to its own IP address. In the port forward settings you can select which addresses to forward signals to. And there are many more reason, but my hands are shaking too much to type any more.

if you are behind a router, then a software firwewall is not as necessary, as the router has one built in. Using both ufw and the hardware firewall can cause conflicts, and can be difficult to troubleshoot. Even inexpensive routers can have pretty useful and configurable GUI firewalls.
I'd pick one, and disable the other.

Thank you @GreyGeek @claydoh

I feel better now