Hey there folks,

I’m trying to figure out how to configure my UFW, and I’m just not sure where to start. What can I do to see the intetnet traffic from individual apps so I can know what I might want to block? This is just my personal computer and I’m a total newbie to configuring firewalls so I’m just not sure how to go about it. Most online guides seem to assume one already knows what they want to block but I don’t even know how/where to monitor local traffic to figure out what I can/should consider blocking.

  • ReversalHatchery@beehaw.orgEnglish
    2·
    3 hours ago

    run sudo ss -tulpn, and have a look at the processes and their privileges listening for incoming connections. If one of them has a vulnerability, through which a third party can make that software do things it was not intended for… that’s pretty bad.
    This can most easily happen with software whose developers are underresouced/careless/stubborn.

    A recent case of that happening: https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/
    Tl;Dr, remote code execution vulnerability in software that most often runs as root, automatically.

    • drkt@lemmy.dbzer0.com
      1·
      2 hours ago

      I understand your point but I reiterate that I don’t connect to unsafe networks. If someone has remote code execution on a device on my side of the network then they are also inside my apartment and I’d be more worried about that.