Hello Sup Forums.
Redpill me on firejail, apparmor, selinux, iptables and so on.
packets aren't dangerous if you're well secured
firewalls are not meant as a first-line-of-defense
media has lied to you
All deprecated. All you need is windows defender
> packets aren't dangerous if you're well secured
How to properly secure?
apparmor is garbage, firejail is a shitty excuse to not program sane and secure applications, iptables was shit and never will be good, grsec is dead, selinux will never be as good as grsec
>selinux
basically for MAC
> iptables
pretty damn powerful layer 3 stateful firewall.
>packets aren't dangerous if you're well secured
well, if hackers would only follow the standards in RFC3514 we could filter packets based on evil intent by just checking for the evil bit flag being set to 1
ietf.org
not using little snitch
this is not the truth.
anytime you are networked you are taking risk.
there is no way to properly secure a computer to make it immune to malicious packets.
there will always be a new exploit that has not been secured against yet
iptables is good. it slows down port scanners because they have to wait for a timeout.
Is there any little snitch alternative for GNU/linux?
pf>nftables>iptables
MAC is only then useful when your application can not integrate with the entire OS, so you can confine a file to the context it runs in
gotta love me some error 418
Remove rj45 cable, put computer in Faraday cage inside underground bunker.
i agree, but pf is bsd
ya, this is probably the only way to really secure a computer.
be sure to remove bluetooth, usb ports, and any sort of i/o peripherals (monitor, keyboard, mouse) and keep it locked in a fireproof safe just in case the bunker gets breached.
only then will your computer be truly secure
iproute2 > ifconfig
bubblewrap > firejail
nftables > iptables/netfilter/firewalld/shorewall/ufw
Selinux is good.
AppArmor uses python. (ew)
Thanks to you, i just discovered OpenSnitch
opensnitch.io
I'll try it... Any other application firewall?
Your thoughts about suricata on desktop?
>Your thoughts about suricata on desktop?
don't put it on desktop.
i use suricata but it's running on an ODROID XU-4 that acts as my home's hardware firewall.
if you're going to use an IDP/IPS you don't want it running on a host, because if the host were to be compromised so too are the ids/ips logs.
use an external hardware device with out of band management to do this properly.
the ODROID XU4 has gigabit ethernet jacks and quad cores with 4 gb of ram, so it can handle firewalling an entire home without any slowdown.
if you want to save money, try this out using a raspberry pi first.
Snort vs Suricata
Who wins?
>iproute2 > ifconfig
1. why did we even need a replacement?
2. why couldn't they bake in wireless settings like FreeBSD has with ifconfig?
thanks for the protip
suricata is just an addon to snort.
so suricata
>suricata is just an addon to snort
What the fuck am I reading? They’re two different IDS systems
Depends, support-wise I’d go with Snort. It’s the older of the two and has an extensive repository of rules. But most of those rules also work on suricata.
Snort is single threaded but I believe they’re changing some of that up in version 3.0. Suricata was designed with multi threading. I’ve seen both Snort and Suricata scaled up to 10gbit.
I will say that Suricata is probably a bit simpler to configure.
Try both and see which one you like more.
I've used Snort before but only on my home network. I liked it, no complaints really. Just takes time to figure out all the false positives. I was planning on trying Suricata when I set up my new pfsense box. Snort3 looks pretty nice too though. On a home network I don't think I will see much improvement whether it's multi-threaded or not. Or will I?
>ip tables
using routing protocols such as eigrp and ospf, routers exchange bits of their routing tables to adjacent partners so that routers know where to send shit
Not true. Someone on Sup Forums fucked my shit up a while back.
What's wrong with iptables? You don't know how to use it?