[Wylug-help] firewall issues
John Hodrien
johnh at comp.leeds.ac.uk
Sat Mar 18 14:30:18 GMT 2006
On Sat, 18 Mar 2006, Justin Ware wrote:
> Instead of sensitive data, I should have said key logging. So I inadvertently
> install something on my linux installation that starts key logging. It sends
> out my online banking passwords. Hackers in Croatia are shocked at the
> pitiful rates of interest I receive on my current account.
Look at what you've said here...
> which is true. I do use IRC, ftp, mail etc so I don't want to block those
> ports.
Compared with here. You're going to struggle to balance those two.
> This now brings me to another question. Some windows firewalls can not only
> block outgoing on a port basis but also on an application basis. So some
> applications can have access to certain ports. Are there such products for
> Linux? I'm only asking out of curiousity. I definitely don't need one.
You'd need hideously complicated rules to really protect you in the way you
want. Odds are your keylogger is going to use IRC/HTTP to connect back to
post results, so you'd need per application filtering (and even then it's not
necessarily safe). I believe selinux can provide this sort of network access
control, but I've not looked at it.
jh
--
"People who get up early in the morning cause war, death and famine"
-- Banksy
More information about the Wylug-help
mailing list