Hello Sup Forums

Redpill me on firejail, apparmor, selinux, iptables and so on.


packets aren't dangerous if you're well secured
firewalls are not meant as a first line of defense
media has lied to you

All deprecated. All you need is windows defender

> packets aren't dangerous if you're well secured

How to properly secure?

apparmor is garbage, firejail is a shitty excuse to not program sane and secure applications, iptables was shit and never will be good, grsec is dead, selinux will never be as good as grsec

>selinux
basically for MAC
> iptables
pretty damn powerful layer 3 stateful firewall.
>packets aren't dangerous if you're well secured
well, if hackers would only follow the standard in RFC 3514, we could filter packets based on evil intent just by checking whether the evil bit flag is set to 1
ietf.org/rfc/rfc3514.txt
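Taking the RFC 3514 joke above literally, here is an added example (not from the thread): a small IPv4 header parser that verifies the header checksum and reports the reserved high-order flag bit, which RFC 3514 names the evil bit. The sample headers are constructed here with TEST-NET addresses so it runs offline.

```python
import struct

IPV4_FMT = "!BBHHHBBH4s4s"  # 20-byte IPv4 header without options


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of 16-bit words; caller zeroes the checksum field."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src: bytes, dst: bytes, flags: int = 0, proto: int = 6,
                      total_length: int = 40, ident: int = 0x1234, ttl: int = 64) -> bytes:
    """Constructed test header. flags is the 3-bit field: 4=reserved (evil), 2=DF, 1=MF."""
    ver_ihl = (4 << 4) | 5
    flags_frag = (flags & 0x7) << 13  # fragment offset is 0
    hdr = struct.pack(IPV4_FMT, ver_ihl, 0, total_length, ident,
                      flags_frag, ttl, proto, 0, src, dst)
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]


def parse_ipv4(header: bytes) -> dict:
    """Decode the fixed header and validate version, IHL and checksum."""
    if len(header) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _tos, _tlen, _ident, flags_frag, ttl, proto,
     csum, src, dst) = struct.unpack(IPV4_FMT, header[:20])
    ihl = (ver_ihl & 0xF) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or ihl > len(header):
        raise ValueError("not a valid IPv4 header")
    zeroed = header[:10] + b"\x00\x00" + header[12:ihl]  # options included
    return {
        "src": ".".join(map(str, src)),
        "dst": ".".join(map(str, dst)),
        "proto": proto,
        "ttl": ttl,
        "evil": bool(flags_frag & 0x8000),  # reserved bit = RFC 3514 evil bit
        "df": bool(flags_frag & 0x4000),
        "mf": bool(flags_frag & 0x2000),
        "frag_offset": flags_frag & 0x1FFF,
        "checksum_ok": ipv4_checksum(zeroed) == csum,
    }


def verdict(header: bytes) -> str:
    """Drop anything non-conforming: bad checksum or reserved bit set."""
    try:
        info = parse_ipv4(header)
    except ValueError:
        return "DROP"
    return "DROP" if (info["evil"] or not info["checksum_ok"]) else "ACCEPT"
```

The reserved bit is zero in every conforming packet, so in practice the check only ever catches malformed or deliberately crafted headers, which is the whole joke of the RFC.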

not using little snitch

this is not the truth.
any time you are networked you are taking a risk.
there is no way to properly secure a computer to make it immune to malicious packets.
there will always be a new exploit that has not been secured against yet.

iptables is good. it slows down port scanners because they have to wait for a timeout.

Is there any Little Snitch alternative for GNU/Linux?

pf>nftables>iptables
MAC is only useful when your application cannot integrate with the entire OS, so you can confine a file to the context it runs in.

gotta love me some error 418

Remove RJ45 cable, put computer in Faraday cage inside underground bunker.

I agree, but pf is BSD.

ya, this is probably the only way to really secure a computer.
be sure to remove Bluetooth, USB ports, and any sort of I/O peripherals (monitor, keyboard, mouse) and keep it locked in a fireproof safe just in case the bunker gets breached.
only then will your computer be truly secure.

iproute2 > ifconfig
bubblewrap > firejail
nftables > iptables/netfilter/firewalld/shorewall/ufw
Selinux is good.

AppArmor uses Python. (ew)

Thanks to you, I just discovered OpenSnitch
opensnitch.io/

I'll try it... Any other application firewall?

Your thoughts about Suricata on desktop?

>Your thoughts about Suricata on desktop?
don't put it on desktop.
i use Suricata but it's running on an ODROID XU4 that acts as my home's hardware firewall.
if you're going to use an IDS/IPS you don't want it running on a host, because if the host were to be compromised so too are the IDS/IPS logs.
use an external hardware device with out-of-band management to do this properly.
the ODROID XU4 has gigabit ethernet jacks and quad cores with 4 GB of RAM, so it can handle firewalling an entire home without any slowdown.
if you want to save money, try this out using a Raspberry Pi first.

Snort vs Suricata
Who wins?

>iproute2 > ifconfig
1. why did we even need a replacement?
2. why couldn't they bake in wireless settings like FreeBSD has with ifconfig?

thanks for the protip

Suricata is just an add-on to Snort.
so Suricata

>Suricata is just an add-on to Snort

What the fuck am I reading? They're two different IDS systems.

Depends, support-wise I'd go with Snort. It's the older of the two and has an extensive repository of rules. But most of those rules also work on Suricata.

Snort is single-threaded but I believe they're changing some of that up in version 3.0. Suricata was designed with multi-threading. I've seen both Snort and Suricata scaled up to 10 Gbit.

I will say that Suricata is probably a bit simpler to configure.

Try both and see which one you like more.

I've used Snort before but only on my home network. I liked it, no complaints really. Just takes time to figure out all the false positives. I was planning on trying Suricata when I set up my new pfSense box. Snort 3 looks pretty nice too though. On a home network I don't think I will see much improvement whether it's multi-threaded or not. Or will I?

>iptables
using routing protocols such as EIGRP and OSPF, routers exchange bits of their routing tables with adjacent partners so that routers know where to send shit

Not true. Someone on Sup Forums fucked my shit up a while back.

What's wrong with iptables? You don't know how to use it?