Suggestions for setting up according to my own needs
I've decided to improve the security of my system by setting up a firewall configuration.
So I've started reading tutorial/documentation on the web about the argument, but I'm a bit disappointed/confused.
I don't recognise, in particular, why there is a great effort on setting up INPUT rules to the detriment of OUTPUT rules.
From my point of view the main problem is as follow:
1) there are dozens of sensible files (mainly those containing personal password) on filesystem;
2) I DO want such files NOT to be read by anyone.
I absolutely do NOT care of virus of other system-destroying program: if something happens to my system, I do not even spend time to investigate: simply boot parted magic, connect the external hard drive and restore one of my working images (net time: 10-15 minutes).
I create such images on a regurarly base, so that I have an archive of perfectly working system to be used on occurrence.
So my main concern is not the protection of the stability of my system, but instead the protection of my personal (sensible) data.
As consequence, I suppose what I want to secure is the OUTPUT side of connection (or maybe I'm wrong?).
My real worry is like that:
"Ok, I'm opening such text file containing my credit card passwords with my favourite text editor. Am I sure such text editor is not a malicious software? Is it possible the (say, gedit) binary is corrupted in such a way that it sends online my personal data? How to prevent such malicious behaviour?"
So what I'm really searching for is maybe a program giving me the power to allow internet access to only a small fraction of my program (i.e.: disable internet access to all programs/processes except a few ones I explicitly mention).
But this is just an idea...
Please, tell me what do you think about such argumentations.
Any advices will be appreciated.
Thanks in advance...