App Apocalypse
-
Please, may I filter out certain applications or allow only some apps like Firefox?
I seek to prevent any key-loggers from sending online information.
-
@logsj This specific request would be an L8 issue on your computer, not something your firewall could take care of for you.
As for transmission of specific types of traffic to known (or maybe unknown) entities, that would fall under IDS/IPS. I am moving your topic into that channel.
-
-
I hear anything could get around a firewall, so why use them at all?
-
"Why even have a firewall at all": while there is no perfect solution to stop all attacks, having something in place is better than nothing.
The question people ask is 'Is the network secure?' And from a net-admin's perspective it's a difficult one to answer. Compare it to asking a doctor, 'I got my flu shot... will I ever get the flu?' The answer is, 'Your chances of getting it are now lower, but no one can say with certainty "No, you will not get the flu."'
I get this question often enough that I've documented my answer, so here it is:
"Outline the measures you’ve taken to secure the environment (AV, EDR, MFA, spam filter, etc.).
I would then state “Unfortunately, we can’t guarantee the security of any environment. While we have deployed multiple layers of security, the threat landscape is constantly changing. Additionally, for awareness, end users account for a vast majority of cybersecurity incidents.”
I would recommend first understanding the different OSI layers (Jeremy Cioara is how I learned to understand them), and then rethink your question.
To directly answer your concern about keyloggers and related tools: look into programs that run on Windows (or whatever OS you're running) and detect them from there, not from your firewall.
https://www.youtube.com/watch?t=821&v=fKuqYQdqRIs
-
@logsj said in App Apocalypse:
I hear anything could get around a firewall, so why use them at all?
The most secure computer in the world is one that is not on the internet.
You want a fixed solution that will work for you... in one single location... you won't get that.
You would need to put something on the single computer that does those things, those products exist but they are EXCESSIVELY bloated in Windows and macOS systems and they are also often prone to their own issues.
Multiple products will be needed to do what it is you're describing, there is no one solution that lives outside of your computer.
-
@robcalewar So we're all scre*#d. I would suggest only allowing internet access by application (opensnitch) implementation or strict password access like the sudo user (for outgoing traffic). What comes in never leaves. I'm on Linux.
-
What is the point of this thread? So far it seems to be a sort of random rant by the OP with no clear direction or question.
-
@bmeeks He posted the same thing on the opnsense forum but it looks like they shut it down over there.
-
@jarhead said in App Apocalypse:
@bmeeks He posted the same thing on the opnsense forum but it looks like they shut it down over there.
I am inclined to do the same here if the conversation does not improve.
-
I guess you can't take the heat. And like Hitler you use the SS and Gestapo when you can't improve the software.
Anyway, who cares about you or this stupid software of yours anyway, especially when there's UFW on Linux. Victim of free speech.
-