hallo folks!
I want some advice for making my system more secure. I want deactivate any network connection that is unnecessary. Only my browser and the update ability of zypper should have access to the internet. On windows there are personal firewalls.
How can I block internetaccess for all other programmes on openSUSE?
Ip tables are complicated!
greez
So long as you are not running ssh unnecessarily
What on earth are you worried about
You can’t make comparisons between openSUSE and Windows
Carl, I guess you misunderstand, imho what he wants to block is OUTgoing traffic (not that I see what the problem behind it is).
Sorry
I see
Not sure there is a simple solution to that. I can config my router to restrict a LAN IP to a specific port/s
On 04/07/2011 10:36 AM, hcvv wrote:
>
> Carl, I guess you misunderstand, imho what he wants to block is OUTgoing
> traffic (not that I see what the problem behind it is).
On Windows, it is too easy to load a Trojan. The Windows firewalls are needed to
block these rogue programs from getting out.
To the OP: When an OS is properly designed, it is very difficult for this kind
of program to be installed and operated, thus this type of firewall is not needed.
That explains it. How should I know what Windows does (right or wrong) 
.
On Thu, 07 Apr 2011 21:31:34 +0530, Larry Finger
<Larry.Finger@lwfinger.net> wrote:
> On 04/07/2011 10:36 AM, hcvv wrote:
>>
>> Carl, I guess you misunderstand, imho what he wants to block is OUTgoing
>> traffic (not that I see what the problem behind it is).
>
> On Windows, it is too easy to load a Trojan. The Windows firewalls are
> needed to block these rogue programs from getting out.
>
> To the OP: When an OS is properly designed, it is very difficult for
> this kind of program to be installed and operated, thus this type of
> firewall is not needed.
isn’t this one of the purposes of the whole apparmor thing, to allow
certain app.s to do stuff online, under certain conditions? i never used
it, because i also fees safe enough without taking the trouble to
configure those profiles.
–
phani.
I don’t use Windows, but I have to support several people that do. Whenever I
answer the phone and hear “Tech support, please”, that will be one of those times.
On Thu, 07 Apr 2011 21:47:21 +0530, phanisvara <listmail@phanisvara.com>
wrote:
> On Thu, 07 Apr 2011 21:31:34 +0530, Larry Finger
> <Larry.Finger@lwfinger.net> wrote:
>
>> On 04/07/2011 10:36 AM, hcvv wrote:
>>>
>>> Carl, I guess you misunderstand, imho what he wants to block is
>>> OUTgoing
>>> traffic (not that I see what the problem behind it is).
>>
>> On Windows, it is too easy to load a Trojan. The Windows firewalls are
>> needed to block these rogue programs from getting out.
>>
>> To the OP: When an OS is properly designed, it is very difficult for
>> this kind of program to be installed and operated, thus this type of
>> firewall is not needed.
>
> isn’t this one of the purposes of the whole apparmor thing, to allow
> certain app.s to do stuff online, under certain conditions? i never used
> it, because i also fees safe enough without taking the trouble to
> configure those profiles.
>
makes sense in a multi-user environment, of course, where not all users
are trusted, regarding knowledge or otherwise.
–
phani.