LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 12-06-2006, 01:54 PM   #1
Chris594
Member
 
Registered: Oct 2005
Posts: 51

Rep: Reputation: 15
applications internet access rules


Hi,
I'm about to switch completely to Suse. Windows simply doesn't do it for me anymore.
I was wondering though - and this might not be an issue under a linux environment but is/was very important to me under Windows - is there a Firewall or some kind of a software under linux that detects if an applications tries to connect to the internet so that I can decide if I will or will not restrict the connection.
For instance I had Sygate firewall under windows and I would get a message like " windows explorer (explorer.exe) tries to connect to the internet" and could select yes or no. I didn't find a tool for this yet (One thing a would also like to have under Mac OS X )
I'd be very grateful for any info/links about this matter

Thanks

Last edited by Chris594; 12-06-2006 at 06:55 PM.
 
Old 12-06-2006, 02:52 PM   #2
Synt4x_3rr0r
Member
 
Registered: Nov 2005
Location: Sweden
Distribution: Arch Linux 64bit with Gnome
Posts: 138

Rep: Reputation: 15
There is a tool called iptables that lets you do that, although, you wont get a messagebox asking if you want to allow it or not.
But you only open ports for the applications that need it anyway, just block all other ports.
You can still surf the web as usual, it only blocks outcoming connections if you want.

Unfortunatly I have never really learned to use this tool so i cant help you with that, but there are lots of how to's on the web

There are also GUI's for this tool. One example is firestarter.

Last edited by Synt4x_3rr0r; 12-06-2006 at 02:53 PM.
 
Old 12-06-2006, 03:41 PM   #3
Chris594
Member
 
Registered: Oct 2005
Posts: 51

Original Poster
Rep: Reputation: 15
Thanks for your input Synt4x_3rr0r.
I thought about the iptables... the problem still remains when a software wants to update itself, in many cases it will use port 80.

Last edited by Chris594; 12-06-2006 at 06:56 PM.
 
Old 12-07-2006, 09:06 AM   #4
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
Yes you can stop some software from sending packets to internet by defining its binary file with some group & set a SGID bit(2755) to it & further blocking the packets with
Code:
iptables -m owner --gid-owner groupname -j DROP
Hope this helps.
 
Old 12-07-2006, 03:44 PM   #5
Chris594
Member
 
Registered: Oct 2005
Posts: 51

Original Poster
Rep: Reputation: 15
From what I read so far it seems that combining a hardware firewall with a tool like AppArmor would do the job. I'll miss the pop-up window of Sygate though .
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
giving applications access from firewall sharma.kashyap Linux - Security 3 05-13-2006 09:12 AM
limit access the web for applications arsham Linux - Networking 3 02-26-2006 07:41 PM
firewall: prevent some applications access internet alesz Fedora 2 07-12-2005 08:54 AM
Access to root applications as a user odiseo77 Fedora 1 02-04-2005 02:29 PM
Can't access Applications folder cordedpoodle Linux - Newbie 3 10-04-2003 11:51 AM


All times are GMT -5. The time now is 05:44 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration