Securing Ubuntu Linux (was: Re: sudo without password)
Luis
lemsx1 at gmail.com
Fri Jun 9 18:21:26 UTC 2006
(Sorry, had to change the subject since this conversation took a wild
spin. Again, blame us humans.)
On 6/9/06, Adriano Varoli Piazza <moranar at gmail.com> wrote:
[snip]
> On the subject of firewalls, I'd like something on Linux that by
> default closes everything and then graphically or CLI-lly asks you
> when you first try to open a port. The way I've seen Windows Firewall
> doing, lately. It's a way to know when something's trying to talk
> behind your back.

I believe this can be easily implemented in Firestarter:

1. By default install Firestarter and daemon-ise it. A status client
showing in the system tray like the update synaptic thingie works.
Firestarter already allows this to be done.

2. By default allow no port to communicate in or out (note that
firewalls in Linux can't do per app ports like Windows does. Maybe
there is a way?) -- with a few exceptions of course (per IP exceptions
on 127.x.x.x as well).

3. Log everything and have something reading those messages and
triggering messages to the user as needed, in the same manner that
"there is a new update" tool tips pop up, asking for a simple: yes,
no, always allow, always deny questions.

I see that in a few lines of code (in my head). Possibly a python
script since that's Ubuntu's language of choice. Done in whatever
language Firestarter is written in would perhaps be better ;-).
Remember that Firestarter just manages a set of files under
/etc/firestarter from where all firewall rules are generated.

--
----)(-----
Luis Mondesi
*NIX Guru
Kiskeyix.org
"We think basically you watch television to turn your brain off, and
you work on your computer when you want to turn your brain on" --
Steve Jobs in an interview for MacWorld Magazine 2004-Feb
No .doc: http://www.gnu.org/philosophy/no-word-attachments.es.html
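
Added example, not part of the original post or of Firestarter: a Python sketch of step 3, reading iptables LOG lines for dropped packets and grouping them into the per-port questions a tray prompt would ask. The log prefix "FW-DROP ", the sample log lines and the decisions dictionary are assumptions made for illustration; Firestarter's own log format and its files under /etc/firestarter are not used.

```python
import re
from ipaddress import ip_address

# Assumed --log-prefix on the iptables LOG rule placed before the default DROP.
LOG_PREFIX = "FW-DROP "
FIELD = re.compile(r"(\w+)=(\S*)")

# Constructed sample kernel log lines (documentation-range addresses).
SAMPLE_LOG = """\
Jun  9 18:20:01 box kernel: FW-DROP IN= OUT=eth0 SRC=192.168.1.10 DST=203.0.113.5 LEN=60 TTL=64 PROTO=TCP SPT=45678 DPT=6667 SYN
Jun  9 18:20:04 box kernel: FW-DROP IN= OUT=eth0 SRC=192.168.1.10 DST=203.0.113.5 LEN=60 TTL=64 PROTO=TCP SPT=45679 DPT=6667 SYN
Jun  9 18:20:09 box kernel: FW-DROP IN=eth0 OUT= SRC=198.51.100.7 DST=192.168.1.10 LEN=60 TTL=52 PROTO=TCP SPT=51000 DPT=22 SYN
Jun  9 18:20:11 box kernel: FW-DROP IN=lo OUT= SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TTL=64 PROTO=UDP SPT=4000 DPT=53
Jun  9 18:20:15 box kernel: FW-DROP IN= OUT=eth0 SRC=192.168.1.10 DST=203.0.113.9 LEN=76 TTL=64 PROTO=UDP SPT=123 DPT=123
Jun  9 18:20:20 box kernel: usb 1-1: new high speed USB device
"""

def parse_drop(line):
    """Return (direction, proto, dport, peer) for a logged drop, else None."""
    _, sep, rest = line.partition(LOG_PREFIX)
    f = dict(FIELD.findall(rest)) if sep else {}
    if not {"PROTO", "DPT", "SRC", "DST"} <= f.keys():
        return None  # not a logged drop, or no port to ask about (e.g. ICMP)
    if ip_address(f["SRC"]).is_loopback and ip_address(f["DST"]).is_loopback:
        return None  # the 127.x.x.x exception from step 2
    outbound = bool(f.get("OUT")) and not f.get("IN")
    peer = f["DST"] if outbound else f["SRC"]
    return ("out" if outbound else "in", f["PROTO"], int(f["DPT"]), peer)

def pending_prompts(log_text, decisions):
    """Group drops by (direction, proto, port); skip ones already answered."""
    pending = {}
    for line in log_text.splitlines():
        hit = parse_drop(line)
        if hit is None or hit[:3] in decisions:
            continue
        entry = pending.setdefault(hit[:3], {"count": 0, "peers": set()})
        entry["count"] += 1
        entry["peers"].add(hit[3])
    return pending

if __name__ == "__main__":
    remembered = {("out", "UDP", 123): "always allow"}  # hypothetical saved answer
    for (d, proto, port), info in pending_prompts(SAMPLE_LOG, remembered).items():
        print(f"{d}bound {proto}/{port} blocked {info['count']}x "
              f"(peers: {', '.join(sorted(info['peers']))}) - yes/no/always allow/always deny?")
```

Grouping by direction, protocol and destination port keeps a retrying connection from producing one prompt per packet, and a remembered "always allow" or "always deny" answer suppresses the question entirely.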