Re: How to secure open port for a particular program?
It's not really an "insecurity"; it's a risk. An insecurity is an insecurity; a risk can be managed.
Originally Posted by Kestreln8144
If the program is the only program listening for incoming connections on that port, then it will be the only one receiving the data. If the program is not running, then no incoming connection will ever be answered and you will receive no data. Even if you have programs listening on ports 502, 503, 504, 506 and 507, they will still not receive any data destined for port 505. Do you understand what I mean? If you want to restrict incoming connections on that port to one particular program, then simply don't have any other programs listening on that port.
The only idea I have is: I could open a particular port for this program only, restrict the usage of this port to this program, then secure the program with AppArmor. This way, any incoming connection would only be able to connect to that program, and even if it's insecure AppArmor should limit any damage.
Securing the service with AppArmor is a great way of limiting risk. You do need to know exactly what that program does, however, otherwise you'll either make the AppArmor profile too loose or so restrictive that the program won't work properly.
I try to treat the cause, not the symptom. I avoid the terminal in instructions, unless it's easier or necessary. My instructions will work within the Ubuntu system, instead of breaking or subverting it. Those are the three guarantees to the helpee.
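The three claims made about ports earlier in this post (the one listener on a port is the one that gets the data; with nothing listening a connection is simply refused; a second program cannot take a port that is already held) can be checked with ordinary sockets. The script below is an added illustration by the editor, not code from the thread, and runs entirely on the loopback interface with kernel-chosen ephemeral ports, so it needs no open firewall port and no root.

```python
"""Loopback demonstration of how TCP ports are owned (added example, not from the thread):
1. exchange()                 - the single listener on a port receives what is sent to it
2. probe()                    - with no listener, the connection is refused outright
3. second_listener_refused()  - a second bind on a held port fails with EADDRINUSE
"""
import errno
import socket

HOST = "127.0.0.1"  # loopback only: nothing here touches a real interface


def bind_listener(port, host=HOST):
    """Open a TCP listener on host:port (port 0 = let the kernel pick a free one).
    Raises OSError with errno EADDRINUSE if another socket already holds the port."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        s.bind((host, port))
        s.listen(1)
    except OSError:
        s.close()
        raise
    return s


def exchange(payload, host=HOST):
    """Start one listener on a free port, send payload to that port from a client
    socket, and return the bytes the listener received."""
    listener = bind_listener(0, host)
    port = listener.getsockname()[1]
    try:
        with socket.create_connection((host, port), timeout=2.0) as client:
            client.sendall(payload)
            client.shutdown(socket.SHUT_WR)  # tell the listener we are done sending
            conn, _peer = listener.accept()
            with conn:
                conn.settimeout(2.0)
                chunks = []
                while True:
                    data = conn.recv(4096)
                    if not data:  # EOF: the client's shutdown has arrived
                        break
                    chunks.append(data)
        return b"".join(chunks)
    finally:
        listener.close()


def probe(port, host=HOST, timeout=1.0):
    """Return 'refused' if nothing is listening on host:port, 'open' if a
    listener accepted the connection."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as c:
        c.settimeout(timeout)
        try:
            c.connect((host, port))
        except ConnectionRefusedError:
            return "refused"
        return "open"


def free_port(host=HOST):
    """Grab and immediately release an ephemeral port so we know a number that
    nothing is listening on (a small race, acceptable for a demonstration)."""
    s = bind_listener(0, host)
    port = s.getsockname()[1]
    s.close()
    return port


def second_listener_refused(host=HOST):
    """Hold a port with one listener, then try to open a second listener on the
    same port. Returns True if the kernel refuses the second bind with EADDRINUSE."""
    first = bind_listener(0, host)
    port = first.getsockname()[1]
    try:
        try:
            second = bind_listener(port, host)
        except OSError as e:
            return e.errno == errno.EADDRINUSE
        second.close()  # only reachable if both sockets opted into port sharing
        return False
    finally:
        first.close()


if __name__ == "__main__":
    print("listener received:", exchange(b"data for the one listener"))
    p = free_port()
    print(f"probe of unused port {p}:", probe(p))
    print("second bind on a held port refused:", second_listener_refused())
```

One caveat from the editor: on Linux, processes that all set SO_REUSEPORT on their sockets can deliberately share one port, so "only one listener" holds for programs that do not opt into that. To see which process actually owns a port on a running Ubuntu system, `ss -ltnp` lists every TCP listener together with its PID and program name.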
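To make the AppArmor half of the advice concrete, here is an illustrative profile written by the editor for this page; it is not from the thread or from any Ubuntu package. The service path /usr/local/bin/myservice, its config directory /etc/myservice and its log path /var/log/myservice are assumptions for the example. It shows the trade-off described above: rather than the too-loose "everything" rule, it lists exactly the network and file access the program needs and explicitly denies what a compromised copy must never reach.

```apparmor
# /etc/apparmor.d/usr.local.bin.myservice   (illustrative profile; the binary,
# config and log paths are assumptions for this example)
abi <abi/3.0>,
include <tunables/global>

/usr/local/bin/myservice {
  include <abstractions/base>

  # The only network access the program needs: IPv4 TCP, so it can listen on
  # its port and answer clients. No UDP, no raw sockets, no IPv6.
  network inet stream,

  # Too loose would be "/** rwkl," (the whole filesystem). Instead, list exactly
  # what the program touches: its own binary, read-only config, its own log.
  /usr/local/bin/myservice mr,
  /etc/myservice/          r,
  /etc/myservice/**        r,
  /var/log/myservice/*.log w,

  # Be explicit about what a compromised process must never reach, even if a
  # later edit loosens the rules above.
  deny /home/** rwkl,
  deny /root/** rwkl,
  deny /etc/shadow r,
}
```

The usual way to avoid a profile that is too restrictive is to load it in complain mode first (`sudo aa-complain /etc/apparmor.d/usr.local.bin.myservice`), exercise the program normally, let `sudo aa-logprof` turn the logged denials into rules, and only then switch to `sudo aa-enforce`. Note that this profile restricts the program to TCP, not to a particular port number; whether a port can be named in a network rule depends on the AppArmor version shipped with your Ubuntu release, so check apparmor.d(5) on your system before relying on it. The port itself is still protected by the point made earlier: only the one program listening there receives its traffic.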