Limit upload bandwith from notebook for security reasons

I’m using a notebook for work.

If somebody ever distributes a malware for Linux, I’d like to make things a little bit more difficult and limit the upload bandwith. I don’t need the full speed of WLAN or Ethernet or LTE for any upload. And if, I could remove the “bottleneck”.

I know that a keylogger does not need much bandwith. And a software which tries to encrypt all my files and demand payment for the key won’t upload much either.

But I have backups and my online banking works independently from passwords. The HDD is encrypted, so if somebody steals the notebook, what a pity, but no catastrophe.

What I’d like to prevent is a malware uploading my files, gigabytes.

Probably I’d have to write a feature request, but I don’t know where. Or would some lines of code executed with root priviliges suffice?

Regards,

Alexander

On 2015-08-10 11:16, cookie170 wrote:
>
> I’m using a notebook for work.
>
> If somebody ever distributes a malware for Linux, I’d like to make
> things a little bit more difficult and limit the upload bandwith.

There is a setting in /etc/sysconfig/SuSEfirewall2, FW_HTB_TUNE_DEV,
which does it, but only it seems for only ppoe devices. Read the
comments in the file and try.


Cheers / Saludos,

Carlos E. R.
(from 13.1 x86_64 “Bottle” at Telcontar)

Linux Advanced Routing and Traffic Control
http://www.lartc.org/

The above can get pretty complex.

If you want a condensed approach to shaping packets including simpler methods which don’t apply a QoS policy, I’d recommend the Linux Arch Wiki article
https://wiki.archlinux.org/index.php/Advanced_traffic_control

The most common utility used is tc
(Described in both articles above)

TSU

Thank you for your answers.

I understand that a user should not touch things like traffic shaping without much time and effort.

However, obviously the machinery has been implemented into the kernel, but there is noch GUI and no easy-to-use command line feature.

I don’t need a GUI, but what I’d like to have is a script ready to use like posted in the linked article, addressing users.