TuxGuardian - application based firewall
I added Package Request for TuxGuardian - application based firewall. If you want it, please vote for it.
https://bugs.launchpad.net/ubuntu/+bug/657249
Features:
Detects unauthorized applications trying to act like a client or a server;
Operates with or without user intervention;
Verifies the applications' integrity so that maliciously modified software won't be able to send or receive data through the network;
Uses a three-layered architecture of independent modules, which eases the task of addings new features and functionality;
http://tuxguardian.sourceforge.net/screenshot.png
http://tuxguardian.sourceforge.net/
Re: TuxGuardian - application based firewall
The last time TuxGaurdian was updated, was in 2006, why use something that could potentially have security flaws, when there are already iptables front ends in the repositories. The preferred tool is ufw/gufw.
Re: TuxGuardian - application based firewall
Please, read description. Gufw doesn't have this functionality and as far as I know will not have.
Anyway, when something is in repository it is your choice what to install and what not.
I think that developers are able to check if it is secure or maybe develop similar application. It has a 'wish' status now.
Re: TuxGuardian - application based firewall
It sound good but seem working like a window based firewall.
Re: TuxGuardian - application based firewall
Quote:
Originally Posted by
arapaho
While such a thing may sound like a good idea if you are coming from Windows, it has not caught hold in the Linux community as of yet.
Part of the reason is that Linux is not Windows and this type malware does not exist in Linux.
Another issue is that people use alternate tools such as selinux or apparmor.
Another issue is that Linux sysadmins have much more control over what servers are or are not installed on the clients.
Last, the amount of "damage" any potential clinet could do is very limited on Linux. Sure it could affect things in /tmp or /home, but not system files.
tuxguardian is very buggy and as has been pointed out no longer maintained.
All I can say, this is not windows and they type of application firewall you suggest has not really been needed.
So -1 from me.
Re: TuxGuardian - application based firewall
Quote:
Originally Posted by
bodhi.zazen
Part of the reason is that Linux is not Windows and this type malware does not exist in Linux.
You can't guarantee that it will not be created. When this happen linux users will not be prepered.
Quote:
Originally Posted by
bodhi.zazen
Another issue is that people use alternate tools such as selinux or apparmor.
These tools are to difficult for new linux users. And apparmor works differently. First you have to allow certain application to run and then create a policy. It may be too late.
Anyway, maybe it is great tool for IT professionals but for desktop, an application working like tuxguardian would be simpler and better solution at least for newbies. And second thing the choice should be left for user. It doesn't have to be default firewall. I only want it to be in repositories.
Quote:
Originally Posted by
bodhi.zazen
Another issue is that Linux sysadmins have much more control over what servers are or are not installed on the clients.
I don't work on servers and I really don't care about servers.
Quote:
Originally Posted by
bodhi.zazen
tuxguardian is very buggy and as has been pointed out no longer maintained.
Maybe something similar could be developed. It would be more important for me then a new font in Ubuntu.
Re: TuxGuardian - application based firewall
Quote:
Originally Posted by
arapaho
Please, read description. Gufw doesn't have this functionality and as far as I know will not have.
Anyway, when something is in repository it is your choice what to install and what not.
I think that developers are able to check if it is secure or maybe develop similar application. It has a 'wish' status now.
All of these orphaned applications have package maintainers, that make sure the app works with the latest distro release, there may be some bug fixing, but nothing major. Don't count on a package maintainer to fix any major flaws.
There must be a reason why the original author abandoned the application, but we aren't privy to it.
As for learning new ways of doing things, any operating system is hard to learn, we weren't born knowing how to use Windows, it took many years for you to gain the knowledge you have now. Give Linux the same amount of effort.
Re: TuxGuardian - application based firewall
Quote:
Originally Posted by
arapaho
You can't guarantee that it will not be created. When this happen linux users will not be prepered.
That sentiment is understandable as you are likely coming from Windows.
As I have tried to indicate, Linux is not Windows and we do not have the same vulnerabilities.
There are many reasons this type of vulnerability is extremely unlikely, probably the main one being the Repositories. Most if on all applications are installed from trusted sources and as such adware or spyware of the kind you are worried about is non-existant.
Security is much tighter in Linux for a variety of reasons and without debating each and every point with you I am explaining to you why the interest in such an application is low.
Just because you are new to Linux and you are unfamiliar with security does not mean Linux users are not unprepared. Linux and Ubuntu are designed from the ground up to be secure.
There is a reason we do not have spyware, and it most certainly is not security through obscurity.
As I said this is not Windows.
See the stickies and you might also like :
http://librenix.com/?inode=21
Securing Debian Manual
SecurityTeam/FAQ - Ubuntu Wiki
https://wiki.ubuntu.com/SecurityTeam
And similar.
Re: TuxGuardian - application based firewall
Ok guys, I don't know exactly what your backgrounds are, but an application based firewall is needed for linux to gain popularity and maintain it's high security. I use appamor, selinux, snort, and a host of other hids services to maintain my host. However, to run online games that access multiple ip addresses or even use services such as skype witch uses p2p to communicate, an application based firewall is needed. I definately don't want to open all the ports needed for those services on my host for anytime use, and i don't want to keep turning everything off to use them. An application based firewall is needed to continue to maintain our call to the world that ubuntu is ready to be used as your home os.
Re: TuxGuardian - application based firewall
I contacted the initial developer of Tuxguardian - he dropped the project because the underlying linux kernel infrastructure (namely LSM modules API) has been changing so dramatically, it has become impossible to keep up and maintain the project. In newer kernels the possibility to plug-in an LSM modules has been removed, thus Tuxgardian can' work there.
The only other similar project I came across was linux-firewall.org ,although it didnt work as promised on my machine, so I cant vouch for it.
I believe that application based firewall for linnux has been long overdue. It is needed not so much to guard off malware and viruses which are largely non-existant because all packages are vetted in the repositories, as to give a privacy-minded user a sense of complete control of what's going on on his machine.