Page 2 of 2 FirstFirst 12
Results 11 to 18 of 18

Thread: Little Snitch equivalent?

  1. #11
    Join Date
    Dec 2009
    Beans
    Hidden!

    Re: Little Snitch equivalent?

    firestarter isn't pretty and iptables definitely isn't either. however, last time i checked they both worked flawlessly. Pop-ups won't make your system more secure. If something is connecting to you or vice versa without you knowing about it...hey, the popup doesn't work anyways...so. learn what you've got, mate.

  2. #12
    Join Date
    Feb 2010
    Beans
    12

    Re: Little Snitch equivalent?

    Quote Originally Posted by gutsy08 View Post
    Hello, I'm wondering if anyone here knows if there's a Linux equivalent for Little Snitch on OS X. In other words, an interactive firewall that can warn you about outgoing connections and prompt you when they're initiated and give you an option to set rules for them then. Being able to handle incoming connections as well would be a nice bonus. Thanks in advance.
    It's been a while since this request was posted. Has anyone found a Little Snitch equivalent? It's a superb help in privacy and security.

  3. #13
    Join Date
    Apr 2006
    Beans
    80

    Re: Little Snitch equivalent?

    Well it's been a long time since anyone has posted here. Has anyone found anything like little snitch?

    Reading the posts, I think most people misunderstand what we are asking for. Little snitch is a reverse firewall for applications. It monitors and blocks outgoing traffic, not incoming traffic. It's main purpose is to block programs (spyware, etc) from "phoning home".
    Last edited by 2cute4u; January 2nd, 2011 at 03:51 AM.
    iMac 27" running Mac OS X 10.6 (Snow Leopard) and Ubuntu 12.4 (Precise Pangolin)
    iMac G4 running Mac OSX 10.04 (Tiger)
    HP Pavillion running Ubuntu 8.04 (Hardy Heron)
    Mac Expert, Linux User, Windows Virgin

  4. #14
    Join Date
    Jun 2007
    Beans
    3

    Re: Little Snitch equivalent?

    I agree with the last post; why isn't there more desire for a reverse firewall in Ubuntu (or just in general). With people being increasingly concerned about privacy, and with tools like Little Snitch being the only viable defense against programs running on your computer telling anyone anything they want, it would be reasonable to assume that this is a program people are looking for. Yet the somewhat niche popularity of Little Snitch and the unavailability of alternatives on other platforms suggests that most people don't use these products and don't seek them out; is it that they can't be bothered to define outbound rules, or simply that they just don't care about what information is transmitted from their computer?

  5. #15
    Join Date
    Jan 2008
    Beans
    1,336

    Re: Little Snitch equivalent?

    Quote Originally Posted by hoy View Post
    Hey! Last version of Firestarter released "January 2005" (5 years ago), is this normal? I don't think so...

    Currently I use Gufw. Maybe some day we will have application-level firewall...
    Firestarted is simply a gui frontend for iptables. Its it does its job, which is modifying iptables through a graphical interface, and it does it fairly well. Theres an old saying "If it aint broke, dont fix it."


    As far as application layer firewalls, the only one I know of is TuxGuardian which apparently hasnt been updated since 2006. Ive never used it mysel, so I have no idea how good or bad it is.

    http://tuxguardian.sourceforge.net/

  6. #16
    Join Date
    Jan 2011
    Beans
    Hidden!

    Re: Little Snitch equivalent?

    There aren't many because they aren't really necessary for Ubuntu right now.

    If there is a need for something, a bunch of people will make one and it will start to appear in distros as standard.
    Last edited by nogoodnamesleft; March 18th, 2011 at 02:07 PM.

  7. #17
    Join Date
    Jun 2012
    Beans
    1

    Re: Little Snitch equivalent?

    @nogoodnamesleft

    That's wrong. Little Snitch's main purpose is, to control OUTGOING network activity on application/service level in an easy an convenient way. That said you are able to see AND to decide on the fly whether you want to let a service or application talk to the mothership or not.

    Ubuntu - theoretical - has the tools on board to block outgoing connections as well. But not at application level. You have to decide whether to allow a certaint protocol, port, ip or not. From my point of view, that's enough for most server setups where blocking incoming activity is much more important because you normally know what's running on the box. But if you have a desktop and probably some Windows Apps on it (in Wine or in a whole an VM) than you might want to limit those apps and service a little bit.

    Anyhow... Also attacker-szenarios are not impossible. See flame or stuxnet. Yes, they won't run on linux currently but thinking that linux is NOT vulnerable against such attacks where the attackers have nearly unlimited budget and ressources, is a bit silly - a weakness of such software is the necessity of an outgoind network connection. If you were able to easily recognize and block that, life could be much better.

    The problem is, that Linux has failed to conquer the desktop market, therefore the demand for such tools might be not very high. So the chances, that someone developes something like Little Snitch might be small.

    BTW: Little Snitch is a module which plugs into the mach kernel of OS-X with an very easy to use, intuitive user interface. So if one will doe something like little snitch he has to do it at kernel level to achieve optimal performance and maximum effectivity.

    Regards,

    RP

  8. #18
    Join Date
    Nov 2008
    Beans
    18

    Re: Little Snitch equivalent?

    Let's face it...
    Little snitch is so popular because 99% of their user base, using it for blocking stolen software
    from communicating with the developer's servers, avoiding blacklisting.
    With GNU/Linux there isn't really such an urge for that kind of acting.
    There is a good free app for almost everything in the repositories and out there.
    Maybe our pockets are dead empty, but we have peace of mind.

Page 2 of 2 FirstFirst 12

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •