ufw-stats
opensnitch
| ufw-stats | opensnitch | |
|---|---|---|
| 1 | 222 | |
| 16 | 11,380 | |
| - | 1.9% | |
| 0.0 | 9.3 | |
| over 2 years ago | 9 days ago | |
| Python | Python | |
| BSD 3-clause "New" or "Revised" License | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ufw-stats
opensnitch
-
Popular GitHub Action tj-actions/changed-files is compromised
I've found firejail to be a useful tool for this (https://github.com/netblue30/firejail), and additionally use opensnitch (https://github.com/evilsocket/opensnitch) to monitor for unexpected network requests.
For CI/CD using something like ArgoCD let's you avoid giving CI direct access to prod - it still needs write access to a git repo, and ideally some read access to Argo to check if deployment succeeded but it limits the surface area.
- Ransomware malware targeting Linux Desktop users spotted in the wild
-
Sniffnet – monitor your Internet traffic
There is OpenSnitch [0] on Linux, but it us a bit clumsy to setup. I tried it once and didn't get far, but have it again on my todo list. Not aware of something similar on Linux.
On Android there is NetGuard [1] which is awesome (not affiliated, just a happy customer).
[0] https://github.com/evilsocket/opensnitch
[1] https://netguard.me/
-
Little Snitch: Network Monitor and Application Firewall for macOS
Can't forget about OpenSnitch, for those of you that would rather not buy a license to do this sorta thing: https://github.com/evilsocket/opensnitch
-
Homemade application firewall for Linux
I was working on an old game; trying to understand its Network protocol, and how the binary behavior when something on the connections goes wrong, and something comes to my mind: "What if I could block the traffic to this server only for this process?" what brings me to OpenSnitch.
- OpenSnitch is a GNU/Linux interactive application firewall
-
Capturing SSL/TLS plaintext without a CA certificate using eBPF
Have you seen OpenSnitch? https://github.com/evilsocket/opensnitch
It's a Linux project that's replication what Little Snitch does on macOS - it doesn't decrypt TLS secured data but it does show and allow blocking of network connections (even if it can't see exactly what's going on inside this connections).
Combining eCapture features with OpenSnitch would be awesome. It'd be great if as well as tracking all network connection, you could flag connections sending specific data (like your name, email address, or phone number) to unexpected servers.
- OpenSnitch: GNU/Linux interactive application firewall inspired by Little Snitch
- Is Linux worth it for the average non-tech user?
-
Safari share menu now violates privacy
opensnitch has existed for a while now. I've never used it, so I can't comment on how well it works.
https://github.com/evilsocket/opensnitch
What are some alternatives?
opensnitch - OpenSnitch is a GNU/Linux application firewall
portmaster - 🏔 Love Freedom - ❌ Block Mass Surveillance
habu - Hacking Toolkit
picosnitch - Monitor Network Traffic Per Executable, Beautifully Visualized
socialclub-notification-blocker - Next-generation firewall (NGFW) that supports blocking SocialClub Overlay notifications.
flathub - Issue tracker and new submissions