I second OpenSnitch. It’s the most annoying program i run, but the control it gives you over your outbound connections is so worth it from a security and privacy standpoint.
Once you start and run this you get to truly see how many different URLs are loaded when visiting just one website
Can’t, all corporate hardware and their software, too. Not my problem, but also not my intellectual property being stolen to be used in AI, so eh, NotMyProblemException.
They still work together. Pi-hole is an excellent second line of defense, but an active firewall tells you about what is trying to make connections and asks for your consent. Block lists are great, but they aren’t impenetrable. If you want to know exactly what your device and software are doing, you should also be using an active firewall.
Thanks for that suggestion, I had a passing thought a while back I should look into something like this.
Any problems in your experience? I imagine apps will fail if you’re slow to approve the outbound connection and something times out, so I get all of that, looking more for broader issues this might cause? Specifically wondering about the docker containers I run, all the development nonsense.
Both OpenSnitch and SimpleWall block by default. You can also set a timeout so that if you don’t respond in a certain amount of time they automatically create a permanent block rule. You can also check your rules and activity at any point. If a specific application is misbehaving you can always check its rules and change them, or delete them and start over. They’re very efficient, and get less intrusive over time as you respond to prompts and create more rules.
The last time I got a virus on Windows I was only made aware because the built-in firewall warned me a Powershell script was trying to phone home.
Since then I run SimpleWall and I highly recommend everyone else do the same. It’s annoying at the beginning but annoyance turns into peace of mind when you know nothing, not even built-in Windows processes can phone home without you knowing.
Not necessarily. These active firewall tools are much more thorough. They tell you any time an application or service is trying to make a connection to anywhere. Block lists are helpful, but still have gaps. These let *nothing *through unless you explicitly allow it, and ask you clearly and immediately when something that doesn’t already have a rule tries.
Doesn’t anyone else use things like OpenSnitch to audit all outgoing connections? I block all phone homes until something breaks, then investigate.
If you are trapped on Windows for some corporate reason, there is SimpleWall.
We’re all friends here, and friends don’t let friends let apps phone home.
TIL. Don’t assume people know about this like that, for many we have never even heard of it, but I’ll be using it constantly now
I’m happy I could help!
Can I subscribe to your newsletter? I want to hear all your other recommendations.
I second OpenSnitch. It’s the most annoying program i run, but the control it gives you over your outbound connections is so worth it from a security and privacy standpoint.
Once you start and run this you get to truly see how many different URLs are loaded when visiting just one website
Can’t, all corporate hardware and their software, too. Not my problem, but also not my intellectual property being stolen to be used in AI, so eh,
NotMyProblemException.Does running pi hole make this redundant, or are they solving different problems?
They still work together. Pi-hole is an excellent second line of defense, but an active firewall tells you about what is trying to make connections and asks for your consent. Block lists are great, but they aren’t impenetrable. If you want to know exactly what your device and software are doing, you should also be using an active firewall.
This is cool, thanks.
Thanks for that suggestion, I had a passing thought a while back I should look into something like this.
Any problems in your experience? I imagine apps will fail if you’re slow to approve the outbound connection and something times out, so I get all of that, looking more for broader issues this might cause? Specifically wondering about the docker containers I run, all the development nonsense.
Both OpenSnitch and SimpleWall block by default. You can also set a timeout so that if you don’t respond in a certain amount of time they automatically create a permanent block rule. You can also check your rules and activity at any point. If a specific application is misbehaving you can always check its rules and change them, or delete them and start over. They’re very efficient, and get less intrusive over time as you respond to prompts and create more rules.
Lulu is a good FOSS alternative for Macs. LittleSnitch is good too but proprietary (that’s where OpenSnitch got its name)
You my friend may just have done a great thing for me
I’m glad this is helping people! Please pass it on.
I did not know about this before, bookmarking the OpenSnitch github so I can try it out on my PC later
The last time I got a virus on Windows I was only made aware because the built-in firewall warned me a Powershell script was trying to phone home.
Since then I run SimpleWall and I highly recommend everyone else do the same. It’s annoying at the beginning but annoyance turns into peace of mind when you know nothing, not even built-in Windows processes can phone home without you knowing.
TIL.
Is this redundant with DNSBL?
Not necessarily. These active firewall tools are much more thorough. They tell you any time an application or service is trying to make a connection to anywhere. Block lists are helpful, but still have gaps. These let *nothing *through unless you explicitly allow it, and ask you clearly and immediately when something that doesn’t already have a rule tries.