Find the answer to your Linux question:
Results 1 to 7 of 7
Is there are program/firewall that would allow me to control what programs/commands can access the internet? Sort of like ZoneAlarm for Windows. I keep hearing about scripts that replace the ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Feb 2005
    Posts
    46

    Control Program Access To Internet


    Is there are program/firewall that would allow me to control what programs/commands can access the internet? Sort of like ZoneAlarm for Windows.

    I keep hearing about scripts that replace the ls (or other) command so that it accesses the internet like adware. I would like to be able to configure a system to (for example) only allow firefox, evolution, gaim, and some other programs to access the internet.

    I know that I could use IPTABLES to allow only certain destination ports (like 80,110, etc), but that would not necessarily block the spyware.

    Any tips or pointers or program name or links for further reading would be greatly appreciated.

  2. #2
    Linux Guru loft306's Avatar
    Join Date
    Oct 2003
    Location
    The DairyLand
    Posts
    1,666
    well for the most part adaware and other spyware wont run on linux boxen though some will run under wine ...but only if you set them up to do so!!!

    so dont worry about it!
    ~Mike ~~~ Forum Rules
    Testing? What's that? If it compiles, it is good, if it boots up, it is perfect. ~ Linus Torvalds
    http://loft306.org

  3. #3
    Linux Newbie
    Join Date
    Nov 2004
    Location
    New York
    Posts
    150
    I think he's referring to root kits, although if the malicious software gets installed on your machine, it can do plenty of things to screw up the contaminated account without using the internet. And if that account is root, then your system is in serious trouble and no after-the-fact precaution will work - root can rewrite whatever you do, after all.
    \"Nifty News Fifty: When news breaks, we give you the pieces.\" - Sluggy Freelance

  4. $spacer_open
    $spacer_close
  5. #4
    Linux Newbie
    Join Date
    Feb 2005
    Posts
    129
    You don't have to worry about linux spyware. I'm using Knoppix 3.7 and Xandros 3 without any firewall/antivirus and I have no problem. The best thing to do is to use a LIMITED USER account without root privileges and you're safe.

  6. #5
    Just Joined!
    Join Date
    Feb 2005
    Location
    Athens, GA
    Posts
    56

    Re: Control Program Access To Internet

    Quote Originally Posted by helpmhost
    I keep hearing about scripts that replace the ls (or other) command so that it accesses the internet like adware. I would like to be able to configure a system to (for example) only allow firefox, evolution, gaim, and some other programs to access the internet.

    Any tips or pointers or program name or links for further reading would be greatly appreciated.
    There is a program to check for rootkits (what you describe above) called chkrootkit (at http://www.chkrootkit.org) that you can run. Running programs like tripwire can also help you see when files have been altered. If you run an unpriveleged user as described above, you should be fairly secure from these sorts of things, barring unpatched vulnerabilities.

    Using iptables as you describe above could help, or if you're really paranoid about what's going back and forth over the wire, you could install an IDS system like Snort that will alert you to suspicious traffic.

    Another thing that may help more than any of the above and is easy to do is not to install any software that you have not verified through checksums from an independent trusted source. If you download rpms from a mirror, get the checksum for the software from redhat's secure repository (or some other verifiably trusted source) and compare it to your download from the mirror. This is one way to avoid software that has been trojaned. It's a good habit to get into.

  7. #6
    Just Joined!
    Join Date
    Feb 2005
    Posts
    9
    Yes there is, it's called TuxGuardian
    http://tuxguardian.sourceforge.net/

    There may be more out there, but this is the only one I've heard of.

  8. #7
    Just Joined!
    Join Date
    Feb 2005
    Location
    Athens, GA
    Posts
    56
    Quote Originally Posted by debian
    You don't have to worry about linux spyware. I'm using Knoppix 3.7 and Xandros 3 without any firewall/antivirus and I have no problem. The best thing to do is to use a LIMITED USER account without root privileges and you're safe.
    While this is kind of true at the moment, as Linux gains more market share, spyware and viruses will become more prevalent. It is still somewhat harder to make viruses for Linux because most downloaded files etc. are still not set executable by default, but it does happen and will probably become even more common as users start requesting ease of use and convenience features more vehemently.

    I know that if I get a virus that deletes all my user files, I am going to be just as upset as a user as I would be if someone had rooted my box. All of the files that are important to me are owned by me as user. That means if something did affect my lowly user acount only, it would still take most everything I hold dear with it. Not being root helps save *other users* on the macine (probably) and may prevent a worm from using the box to spread but it won't help userland viruses from a user's perspective. It's good advice to run the box as a non-priveleged user, but it is not the salvation that many think.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •