Find the answer to your Linux question:
Results 1 to 4 of 4
I've decided to improve the security of my system by setting up a firewall configuration. So I've started reading tutorial/documentation on the web about the argument, but I'm a bit ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jan 2013
    Posts
    2

    Suggestions for setting up according to my own needs


    I've decided to improve the security of my system by setting up a firewall configuration.

    So I've started reading tutorial/documentation on the web about the argument, but I'm a bit disappointed/confused.

    I don't recognise, in particular, why there is a great effort on setting up INPUT rules to the detriment of OUTPUT rules.

    I mean...
    From my point of view the main problem is as follow:
    1) there are dozens of sensible files (mainly those containing personal password) on filesystem;
    2) I DO want such files NOT to be read by anyone.

    I absolutely do NOT care of virus of other system-destroying program: if something happens to my system, I do not even spend time to investigate: simply boot parted magic, connect the external hard drive and restore one of my working images (net time: 10-15 minutes).
    I create such images on a regurarly base, so that I have an archive of perfectly working system to be used on occurrence.

    So my main concern is not the protection of the stability of my system, but instead the protection of my personal (sensible) data.

    As consequence, I suppose what I want to secure is the OUTPUT side of connection (or maybe I'm wrong?).

    My real worry is like that:
    "Ok, I'm opening such text file containing my credit card passwords with my favourite text editor. Am I sure such text editor is not a malicious software? Is it possible the (say, gedit) binary is corrupted in such a way that it sends online my personal data? How to prevent such malicious behaviour?"

    So what I'm really searching for is maybe a program giving me the power to allow internet access to only a small fraction of my program (i.e.: disable internet access to all programs/processes except a few ones I explicitly mention).

    But this is just an idea...

    Please, tell me what do you think about such argumentations.
    Any advices will be appreciated.

    Thanks in advance...

  2. #2
    Linux Newbie
    Join Date
    Jun 2004
    Location
    Halesowen, West Midlands, UK
    Posts
    107
    I have a cable router with firewall settings but I choose an firewall box between the router and my internal network.

    If this is what you are considering, there are a number of distributions -
    ipcop, ipfire which I use, smoothwall which I used to use but when the motherboard died it refused to see the second (RED) Ethernet.

    If you intend to block output ports or systems ipfire certainly allows this and I'm fairly certain the others do so also.

  3. #3
    Just Joined!
    Join Date
    Jan 2013
    Posts
    2
    Thank you, Siddly.

    The point is that basically I'd like not to work in term of "port", but in term of "application".
    An idea of what I'm searching for are these: (forum do not let me post links)

    leopardflower
    tuxguardian

    Unfortunately, the first is just a beta release (and the author advices no new update will be released soon) while the second is abandoned.

    But the idea is that: choose which internet traffic enable on an application/process base approach instead of a port one.

  4. #4
    Just Joined!
    Join Date
    Nov 2011
    Posts
    9
    Sounds almost like you desire application whitelisting. Have a peek at SELinux, although definitely not for beginners.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •