LinuxQuestions.org
Visit Jeremy's Blog.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page Controlling external network access per processes.
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-13-2010, 11:30 PM   #1
Neon20_180
LQ Newbie
 
Registered: Aug 2010
Posts: 5

Rep: Reputation: 0
Controlling external network access per processes.

That would seem like an elementary feature to be able to enable only a few system applications access to the Internet. That would prevent trojans to download your HD for examples. I looked around and played with iptables but I couldn't not find anything that do the job.
I loaded the xt_owner kernel for iptables but the --cmd-owner command is lacking.

That was my holy grail but could not get --cmd-owner to work.
iptables -I OUTPUT -m owner --cmd-owner "firefox" -j LOG --log-prefix "Testing "

How can I protect my machine against the enemy within.
Anyone knows a way to achieve this?

Cheers,

OpenSuse 11.2
Kernel: 2.6.31.12-0.2-desktop
 
Old 08-14-2010, 10:17 AM   #2
estabroo
Senior Member
 
Registered: Jun 2008
Distribution: debian, ubuntu, sidux
Posts: 1,126
Blog Entries: 2

Rep: Reputation: 124Reputation: 124
How much do you want to lock down the box?
selinux or apparmor (or some other kernel security package) are probably your best bet
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Controlling memory/number of processes for LDAP users Neruocomp Linux - Server 3 06-29-2009 05:01 PM
LXer: Controlling your Linux system processes LXer Syndicated Linux News 0 06-15-2007 04:01 PM
Can access network, cannot access external addresses -Olly- Linux - Wireless Networking 2 10-08-2006 06:10 AM
Can't access external server from local network newuser455 Linux - Networking 7 05-30-2005 12:47 AM
Controlling processes on networked pcs linuxhippy Slackware 5 05-08-2005 07:41 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 05:27 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration