
CCE-95706-8

Platform: cpe:/o:ubuntu:ubuntu_linux:18.04, cpe:/o:ubuntu:ubuntu_linux:22.04, cpe:/o:debian:debian_linux:11.x, cpe:/o:ubuntu:ubuntu_linux:20.04, cpe:/o:ubuntu:ubuntu_linux:16.04, cpe:/o:ubuntu:ubuntu_linux:23.04
Date: (C)2021-07-27   (M)2023-09-01



A default deny all policy on connections ensures that any unconfigured network usage will be rejected. With a default accept policy the firewall will accept any packet that is not configured to be denied. It is easier to white list acceptable usage than to black list unacceptable usage.

FIX: Make sure iptables-persistent is installed.

If you are using iptables,

    # iptables -P INPUT DROP
    # iptables -P OUTPUT DROP
    # iptables -P FORWARD DROP

or, if you are using ufw,

    # ufw default deny incoming
    # ufw default deny outgoing
    # ufw default deny routed

    # iptables-save > /etc/iptables/rules.v4
    # ip6tables-save > /etc/iptables/rules.v6

Revert:

If you are using iptables,

    # iptables -P INPUT ACCEPT
    # iptables -P OUTPUT ACCEPT
    # iptables -P FORWARD ACCEPT

or, if you are using ufw,

    # ufw default allow incoming
    # ufw default allow outgoing
    # ufw default allow routed

    # iptables-save > /etc/iptables/rules.v4
    # ip6tables-save > /etc/iptables/rules.v6

Note:
1. If INPUT or OUTPUT DROP is set, Saner agent and all other remote services and servers will not be able to contact your machine.


Parameter:

[Yes/No]


Technical Mechanism:

Run the following command:

    # ufw default deny incoming
    # ufw default deny outgoing
    # ufw default deny routed
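A read-only check for the policies this entry requires, added here as an example (it is not SecPod's code or the OVAL definition's logic): it parses text in `iptables -S` format, reports each built-in chain whose policy is not DROP, and counts ACCEPT rules per chain so you can see what stays reachable once DROP is set, which is the concern in the note above. The function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit built-in filter chain policies without changing them.
# Input is `iptables -S` text on stdin (live use: iptables -S | noncompliant_chains).

# Prints "<chain> <policy> <accept-rule-count>" for INPUT, OUTPUT and FORWARD.
# A chain with no -P line in the input is reported with policy MISSING.
chain_report() {
    awk '
        $1 == "-P" { policy[$2] = $3 }
        $1 == "-A" {
            for (i = 3; i < NF; i++) {
                if ($i == "-j" && $(i + 1) == "ACCEPT") { accepts[$2]++ }
            }
        }
        END {
            n = split("INPUT OUTPUT FORWARD", chains, " ")
            for (c = 1; c <= n; c++) {
                name = chains[c]
                p = (name in policy) ? policy[name] : "MISSING"
                printf "%s %s %d\n", name, p, accepts[name] + 0
            }
        }'
}

# Prints the space-separated chains whose policy is not DROP.
# Exit status is 0 when all three chains are DROP, 1 otherwise.
noncompliant_chains() {
    bad=$(chain_report | awk '$2 != "DROP" { printf "%s%s", sep, $1; sep = " " }')
    printf '%s\n' "$bad"
    [ -z "$bad" ]
}

# Constructed sample ruleset (not captured from a real host): OUTPUT is still
# ACCEPT, and INPUT keeps loopback, established traffic and SSH reachable.
SAMPLE_RULES='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT'

if [ "${1:-}" = "--demo" ]; then
    printf '%s\n' "$SAMPLE_RULES" | chain_report
    printf '%s\n' "$SAMPLE_RULES" | noncompliant_chains || echo "default policy check failed"
fi
```

A chain that shows DROP with an accept-rule count of 0 accepts nothing at all, so check that count for INPUT and OUTPUT before applying the fix over a remote session.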

CCSS Severity:
CCSS Score: 9.9
Exploit Score: 3.1
Impact Score: 6.0
Severity: CRITICAL
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:H

CCSS Metrics:
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: CHANGED
Confidentiality: HIGH
Integrity: LOW
Availability: HIGH

References:
Resource Id: Reference
SCAP Repo OVAL Definition: oval:org.secpod.oval:def:85283
SCAP Repo OVAL Definition: oval:org.secpod.oval:def:73990
SCAP Repo OVAL Definition: oval:org.secpod.oval:def:87422
SCAP Repo OVAL Definition: oval:org.secpod.oval:def:73988
SCAP Repo OVAL Definition: oval:org.secpod.oval:def:73986
SCAP Repo OVAL Definition: oval:org.secpod.oval:def:92233


OVAL    6
oval:org.secpod.oval:def:73986
oval:org.secpod.oval:def:73990
oval:org.secpod.oval:def:85283
oval:org.secpod.oval:def:73988
...
XCCDF    9
xccdf_org.secpod_benchmark_general_Ubuntu_16_04
xccdf_org.secpod_benchmark_general_Ubuntu_18_04
xccdf_org.secpod_benchmark_NIST_800_53_r5_Debain_11
xccdf_org.secpod_benchmark_NIST_800_53_r5_Debian_11
...

© SecPod Technologies