💾 Archived View for gmi.noulin.net › 2021-07-30-installing-opensnitch.gmi captured on 2024-08-24 at 23:34:19. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2023-03-20)

-=-=-=-=-=-=-

Installing opensnitch in Debian (Buster and newer)

Feed

date: 2023-02-27 10:58:36

categories: privacy

firstPublishDate: 2021-07-30 13:20:47

What is opensnitch?

Opensnitch is an application level firewall, it shows connections made by applications and helps protecting privacy. It is clone of Littesnitch for macOS (paid app, there is a free alternative

lulu

that has about the same features).

It allows monitoring and blocking unnecessary or suspicious connections by creating firewall rules in the GUI. I use it to monitor firefox and change my configuration.

I don't use chrome in general but according to this article

Choose your browser carefully

, it also makes unwanted connections.

The Opensnitch package available in Debian Bookworm

Install it with apt:

apt-get install opensnitch python3-opensnitch-ui

How to install opensnitch

Download the prebuilt deb packages: daemon and GUI

https://github.com/evilsocket/opensnitch/releases

https://github.com/evilsocket/opensnitch/releases

Then run:

dpkg -i opensnitch_1.4.0.rc-1_amd64.deb
dpkg -i python3-opensnitch-ui_1.4.0.rc-1_all.deb
apt-get -f install

opensnitch-ui

Blocking connections from firefox

Opensnitch gave me a list of domains firefox is connecting to and I went to check how these domains are used and decided whether I want to block them.

Then I changed my firefox configuration ('about:config') like this:

Mozilla has a page showing

how to stop firefox making automatic connections

.

I block the OCSP servers because I browse to reliable and trustworthy websites and I think it is privacy invasion. I wish there was an alternative solution with the certificate validity checks done in the client.

hashtags: #privacy

Feed