For my "current account" wallet, I use a dedicated netbook where I run nothing but the Bitcoin client.
The OS is an Ubuntu 12.04 custom install with the majority of default software packages removed.
The ufw setup is as follows:
$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), deny (outgoing)
New profiles: skip
To Action From
-- ----- ----
8333/tcp ALLOW OUT Anywhere
8333/tcp ALLOW OUT Anywhere (v6)
From time to time I run the Ubuntu updates; for this I temporarily change default outgoing to ALLOW.
My question is, is this setup reasonably safe against wallet theft by hackers or viruses, or have I missed something important?
