
Thread: I need an outbound GUI software firewall

  1. #1
    Join Date
    Jun 2011
    Beans
    5

    I need an outbound GUI software firewall

    A reply to this closed thread
    http://ubuntuforums.org/showthread.php?t=1696699

    It is all talk and no action in this thread. ZoneAlarm does not exist for Ubuntu but here are some other ways to control network access.

    To stop a program from accessing the network:
    # Install sux, create a new user bob, set network rules for him and run gedit (or whatever program that should be stopped) as bob
    sudo apt-get install sux
    sudo useradd bob -c "Example user bob" -d /home/bob -m -s /bin/bash -g users
    sudo iptables -A OUTPUT -m owner --uid-owner bob -j DROP
    sudo sux bob gedit

    To stop all programs from accessing the network except one:
    # Create a new user bob, set network rules for bubba (that's me) and run gedit as bob
    sudo useradd bob -c "Example user bob" -d /home/bob -m -s /bin/bash -g users
    sudo iptables -A OUTPUT -m owner --uid-owner bubba -j DROP
    sudo sux bob gedit

    To be more user friendly it is possible to edit the menu with alacarte to run programs as different users.
    There are more examples here
    http://www.linuxjournal.com/article/6091
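
The per-user owner rule from the post above, extended so that attempts are logged before they are dropped and IPv6 is covered too. This is an added example, not part of the original post; the account name `bob` is the post's sample user, and the `outblock-` log prefix and the rate limit values are assumptions chosen here.

```shell
#!/bin/sh
# Added example (not from the thread): log, then drop, one user's outbound
# traffic on IPv4 and IPv6. Dry run by default; APPLY=1 as root executes.

# Print the command, or run it when APPLY=1.
run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else printf '%s\n' "$*"; fi
}

# block_user USER: append LOG and DROP rules for packets from USER's sockets.
block_user() {
    user=$1
    # Accept only plain account names so nothing odd reaches the rule set.
    case $user in
        ''|*[!a-z0-9_-]*) echo "invalid user name: '$user'" >&2; return 2 ;;
    esac
    prefix="outblock-${user}:"   # assumed prefix, used to grep the kernel log
    # The LOG target limits --log-prefix to 29 characters.
    if [ "${#prefix}" -gt 29 ]; then
        echo "log prefix too long for user '$user'" >&2; return 2
    fi
    # ip6tables gets the same rules; an IPv4-only DROP leaves IPv6 open.
    for ipt in iptables ip6tables; do
        # LOG is non-terminating, so it has to sit before DROP. The limit
        # match keeps a chatty program from flooding the kernel log.
        run "$ipt" -A OUTPUT -m owner --uid-owner "$user" \
            -m limit --limit 6/min --limit-burst 10 \
            -j LOG --log-prefix "$prefix" --log-uid || return 1
        run "$ipt" -A OUTPUT -m owner --uid-owner "$user" -j DROP || return 1
    done
}

# Constructed sample account "bob", as in the post above.
block_user bob
```

Blocked attempts then show up in the kernel log under the prefix, with the sending UID and destination address. The owner match only sees packets from sockets owned by that UID, so traffic a system daemon sends under its own account is not covered by these rules.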

  2. #2
    Join Date
    Jul 2011
    Beans
    206

    Re: I need an outbound GUI software firewall

    Quote Originally Posted by bubba2 View Post
    A reply to this closed thread
    http://ubuntuforums.org/showthread.php?t=1696699

    It is all talk and no action in this thread. ZoneAlarm does not exist for Ubuntu but here are some other ways to control network access.

    To stop a program from accessing the network:
    # Install sux, create a new user bob, set network rules for him and run gedit (or whatever program that should be stopped) as bob
    sudo apt-get install sux
    sudo useradd bob -c "Example user bob" -d /home/bob -m -s /bin/bash -g users
    sudo iptables -A OUTPUT -m owner --uid-owner bob -j DROP
    sudo sux bob gedit

    To stop all programs from accessing the network except one:
    # Create a new user bob, set network rules for bubba (that's me) and run gedit as bob
    sudo useradd bob -c "Example user bob" -d /home/bob -m -s /bin/bash -g users
    sudo iptables -A OUTPUT -m owner --uid-owner bubba -j DROP
    sudo sux bob gedit

    To be more user friendly it is possible to edit the menu with alacarte to run programs as different users.
    There are more examples here
    http://www.linuxjournal.com/article/6091
    I don't fully understand sux, but on the surface this doesn't seem sufficient to compensate for the problem. What if the utility initiating a secret connection is a printer driver?
    .
    "That's my motto - a place for everything, and everything all over the place!"
    -- From an old comic I once saw.--

  3. #3
    Join Date
    Jan 2009
    Beans
    Hidden!

    Re: I need an outbound GUI software firewall

    >What if the utility initiating a secret connection is a printer driver?<

    yes, or just simple DNS request or..

  4. #4
    Join Date
    Jun 2011
    Location
    The Shadow Gallery
    Beans
    6,807

    Re: I need an outbound GUI software firewall

    Quote Originally Posted by bubba2 View Post
    A reply to this closed thread
    http://ubuntuforums.org/showthread.php?t=1696699

    It is all talk and no action in this thread. ZoneAlarm does not exist for Ubuntu but here are some other ways to control network access.

    To stop a program from accessing the network:
    # Install sux, create a new user bob, set network rules for him and run gedit (or whatever program that should be stopped) as bob
    sudo apt-get install sux
    sudo useradd bob -c "Example user bob" -d /home/bob -m -s /bin/bash -g users
    sudo iptables -A OUTPUT -m owner --uid-owner bob -j DROP
    sudo sux bob gedit

    To stop all programs from accessing the network except one:
    # Create a new user bob, set network rules for bubba (that's me) and run gedit as bob
    sudo useradd bob -c "Example user bob" -d /home/bob -m -s /bin/bash -g users
    sudo iptables -A OUTPUT -m owner --uid-owner bubba -j DROP
    sudo sux bob gedit

    To be more user friendly it is possible to edit the menu with alacarte to run programs as different users.
    There are more examples here
    http://www.linuxjournal.com/article/6091

    all talk no action.

    It was answered multiple times.

    IPTables,
    UFW.GUFW
    <snipped unmaintained front-end firewall GUI>

    take your pick, they can all block outgoing connections

    as stated unless a user initiates them there are none
    Last edited by Sef; August 28th, 2011 at 05:27 PM. Reason: snip
    Feel Free to Bitcoin Tip: 135Rp4pwwYTHEJ4u8bxKaDQiC91N9LUoV2

    Backtrack - Giving machine guns to monkeys since 2006
    Kali-Linux - Adding a grenade launcher to the machine guns since 2013

  5. #5
    Join Date
    Apr 2007
    Beans
    468
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: I need an outbound GUI software firewall

    anyone ever look at this? http://configserver.com/cp/csf.html

    I've never used it on a desktop, but on a server it's very good. Gives me a bit more peace of mind over iptables alone.

  6. #6
    Join Date
    Jun 2011
    Location
    Atlanta Georgia
    Beans
    1,771
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: I need an outbound GUI software firewall

    Quote Originally Posted by inphektion View Post
    anyone ever look at this? http://configserver.com/cp/csf.html

    I've never used it on a desktop, but on a server it's very good. Gives me a bit more peace of mind over iptables alone.
    It's not a bad tool. But not sure why it gives you more peace of mind than iptables; like most Linux "firewalls", all it does is include configurable iptables scripts. It also grabs up the logs from different places (like mod-security) and makes them easier to read.

    Still a decent piece of software though.

  7. #7
    Join Date
    Apr 2007
    Beans
    468
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: I need an outbound GUI software firewall

    Just because it does a bit more than iptables. It's like a mix of iptables, fail2ban, logwatch, and maybe a few more in one. Alerts sent if server load avg is high, ping flood detection, etc.

    Honestly, of all the servers I need to manage, I use it on two that I feel maybe are more targetable. For the rest I am fine with my iptables config, fail2ban, logwatch, logcheck, and on some aide.

  8. #8
    Join Date
    Jul 2011
    Beans
    206

    Re: I need an outbound GUI software firewall

    Quote Originally Posted by haqking View Post
    all talk no action.

    It was answered multiple times.

    IPTables,
    UFW.GUFW
    <snipped unmaintained front-end firewall GUI>

    take your pick, they can all block outgoing connections

    as stated unless a user initiates them there are none
    Hi, haqking!

    How about a little more talk?
    Pick one, and explain how it could

    a) Block a printer driver from initiating a secret connection, and

    b) Notify the Admin that there was a problem involving that particular printer driver; i.e., that the attempt had occurred, and the source of the attempt.

    TIA!
    Last edited by Sef; August 28th, 2011 at 05:28 PM. Reason: snip quote
    .
    "That's my motto - a place for everything, and everything all over the place!"
    -- From an old comic I once saw.--

  9. #9
    Join Date
    Jun 2011
    Beans
    5

    Re: I need an outbound GUI software firewall

    Quote Originally Posted by ottosykora View Post
    yes, or just simple DNS request or..
    Strange that I have not seen this. Do you have your DNS configured in a special way?

    Quote Originally Posted by scruffyeagle View Post
    I don't fully understand sux, but on the surface this doesn't seem sufficient to compensate for the problem. What if the utility initiating a secret connection is a printer driver?
    The purpose of sux is to launch the application as another user.

    The printer driver sounds interesting. Do you have any more details?
    Remember that it is a normal user without sudo privileges.

  10. #10
    Join Date
    Mar 2006
    Location
    Williams Lake
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: I need an outbound GUI software firewall

    Quote Originally Posted by scruffyeagle View Post
    Hi, haqking!

    How about a little more talk?
    Pick one, and explain how it could

    a) Block a printer driver from initiating a secret connection, and

    b) Notify the Admin that there was a problem involving that particular printer driver; i.e., that the attempt had occurred, and the source of the attempt.

    TIA!
    Could you give us an example of this? I've never heard of a printer creating a secret connection, and how would this "driver" do it?

    Keep in mind that all the printer drivers available during the install come either from a trusted repository or directly from the manufacturer.
