Looking for tips in firewall app creation - security

I'm trying to create a VERY simple firewall. For basically my own educational purposes, since I only know how to program in DOS batch, if you can call that programming. I have a lot of computer experience, but no classic coding knowledge. Google pointed me at Visual Templates Studio so I downloaded that and Visual Studio 2017 Community. And found myself completely confused. I'm scared to click stuff :)
Anyway this is the idea:
First part of program is checking if it is in startup folder. If it is, it should start itself from there. If not, it should copy itself there and start itself. I believe the shortcut to that folder is shell:startup. I have no idea about best practices, and don't care about them, this is only for me to get educated.
Second part is blocking all possible protocols on all possible network adapters (hidden, merged, bluetooth, don't care, all of them). After this part executes, a wireshark check should be mute. Absolutely nothing. Zip. Nada traffic.
Third part is having a taskbar icon and if clicked opening a window where I could add some simple exceptions. TCP+UDP ports incoming or outgoing or both.
It should be a dead silent app. No notifications of any kind. Mute.
So, if anyone has any tips to get me started in the right direction, I'd be grateful. I'm still learning what buttons do in Visual Studio :)

This is not an appropriate project for your current skill level.
However, if you want to attempt it anyway, you will want to acquaint yourself with the Windows Firewall with Advanced Security API.
Note that using this API will not make network sniffer tools like Wireshark report no activity, as 1) these tools observe traffic before firewall rules are applied; and 2) some network traffic, like ARP and DHCP, is required to join a network at all.

Related

GPS navigation software/SDK for Linux

Is there a (open source or commercial) software solution available for the Linux platform to build a custom embedded navigation device? It should be able to display maps and do routing (just like a TomTom/Navigon/Garmin/... navi device).
Unfortunately all navigation solutions seem to target Windows CE only.
Something based on OpenStreetMap data is not an option, because the map data is IMHO not always good enough for serious routing / driving instructions.
Since I'm searching for a long time now without luck I'm not too restrictive on the implementation details, however it should be possible to extend the software with custom functions or ideally embed the navigation in my own software.
Android with Google Maps comes to my mind, but I'd like to avoid setting up Android for my device.
Alternatively, if there is no such solution, I might use an end-user navigation device if that allows me some kind of communication with my own device to control it.
I'm open for any suggestions, thanks.
There is a huge list here. Take a look if anything suits your needs.

Linux per program firewall similar to windows and mac counterparts

Is it possible to create a GUI firewall that works like its Windows and Mac counterparts? On a per-program basis. A popup notification window when a specific program wants to send\recv data from the network.
If no, then why? What does the Linux kernel lack to allow the existence of such programs?
If yes, then why aren't there such programs?
P.S. This is programming question, not user one.
1. Yes, it's possible. You will need to set up firewall rules to route traffic through a userspace daemon; it'll involve quite a bit of work.
2. N/A
3. Because they're pretty pointless - if the user understands which programs he should block from net access, he could just as well use one of multiple existing friendly netfilter/iptables frontends to configure this.
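The "userspace daemon" in the answer above has to work out which program owns each outgoing connection before it can prompt or block. The following Python is an added example, not code from any answer or from the projects named on this page: it parses a constructed `/proc/net/tcp` sample, matches socket inodes against a constructed `/proc/<pid>/fd` table, and applies a hypothetical allow-list. All sample values and function names are assumptions, and address decoding assumes a little-endian host.

```python
import socket

# Constructed sample in /proc/net/tcp layout (IPv4; hex addresses as shown on little-endian hosts).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 31337 1 0000000000000000 100 0 0 10 0
   1: 0A00A8C0:C350 057100CB:01BB 02 00000001:00000000 01:00000064 00000000  1000        0 42424 1 0000000000000000 100 0 0 10 0
   2: 0A00A8C0:C351 076433C6:0050 02 00000001:00000000 01:00000064 00000000  1000        0 50505 1 0000000000000000 100 0 0 10 0
"""
# Constructed stand-in for /proc/<pid>/exe and the symlink targets under /proc/<pid>/fd.
SAMPLE_FDS = {
    1201: ("/usr/bin/firefox", ["/dev/null", "socket:[42424]"]),
    1377: ("/opt/vendor/updater", ["socket:[50505]"]),
}
ALLOWED = {"/usr/bin/firefox"}  # hypothetical per-program allow-list
SYN_SENT = "02"                 # kernel TCP state: connection attempt in progress

def decode_endpoint(hexpair):
    """Turn '0100007F:1F90' into ('127.0.0.1', 8080)."""
    addr, port = hexpair.split(":")
    return socket.inet_ntoa(bytes.fromhex(addr)[::-1]), int(port, 16)

def outbound_attempts(table):
    """Yield (remote_ip, remote_port, inode) for every socket in SYN_SENT."""
    for line in table.splitlines()[1:]:      # skip the header row
        f = line.split()
        if len(f) < 10 or f[3] != SYN_SENT:  # ignore listeners and short rows
            continue
        ip, port = decode_endpoint(f[2])
        yield ip, port, int(f[9])

def owner_of(inode, fds):
    """Find the process holding a descriptor that points at this socket inode."""
    target = f"socket:[{inode}]"
    for pid, (exe, links) in fds.items():
        if target in links:
            return pid, exe
    return None, None

def verdicts(table, fds, allowed):
    """Attribute each outgoing attempt to a program and decide ALLOW or PROMPT."""
    out = []
    for ip, port, inode in outbound_attempts(table):
        pid, exe = owner_of(inode, fds)
        out.append((exe, pid, f"{ip}:{port}", "ALLOW" if exe in allowed else "PROMPT"))
    return out

if __name__ == "__main__":
    for row in verdicts(SAMPLE_PROC_NET_TCP, SAMPLE_FDS, ALLOWED):
        print(row)
```

A live daemon would read `/proc/net/tcp` and `/proc/<pid>/fd` itself and hold the packet in a netfilter queue until the verdict is known.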
It is possible, there are no restrictions and at least one such application exists.
I would like to clarify a couple of points though.
If I understood this article correctly, the firewalls mentioned here so far, and iptables, which this question is tagged under, are packet filters that accept and drop packets depending more on the IP addresses and ports they come from or are sent to.
What you describe looks more like mandatory access control to me. There are several utilities for that purpose in Linux - SELinux, AppArmor, TOMOYO.
If I had to implement the graphical utility you describe, I would pick, for example, AppArmor, which supports whitelists and, to some extent, dynamic profiling, and try to make a GUI for it.
OpenSUSE's YaST features a graphical interface for AppArmor setup and 'learning', but it is specific to the distribution.
So Linux users and administrators have several ways to control network (and files) access on per-application basis.
Why the graphical frontends for MAC are so few is another question. Probably it's because Linux desktop users tend to trust software they install from repositories and have fewer reasons to control it this way (if an application is freely distributed, it has fewer reasons to call home, and packages are normally reviewed before they get to repositories), while administrators and power users are fine with the command line.
As desktop Linux gets more popular and people install more software from AUR or PPA or even from gnome-look.org, where packages and scripts are not reviewed that accurately (if at all), demand for this type of software (user-friendly, simple to configure MAC) might grow.
To answer your 3rd point.
There is such a program which provides zenity popups, it is called Leopard Flower:
http://sourceforge.net/projects/leopardflower
Yes. Everything is possible
-
There are real antiviruses for Linux, so there could be firewalls with a GUI also. But as a Linux user I can say that such a firewall is not needed.
I reached that question as I am currently trying to migrate from a Mac to Linux. There are a lot of applications I run on my Mac and on my Linux PC. Some of them I trust fully. But others I am not fully trusting. If they are installed from a source that checks them or not, do I have to trust them because someone else did? No, I am old enough to choose myself.
In times where privacy is getting more and more complicated to achieve, and distributions exist that show that we should not trust everyone, I like to be in control of what my applications do. This control might not end at the connection to the network/Internet, but that is what this question (and mine) is about.
I have used LittleSnitch for MacOSX in the past years and I was surprised how often an application likes to access the internet without me even noticing. To check for updates, to call home, ...
Now that I would like to switch to Linux, I tried to find the same thing, as I want to be in control of what leaves my PC.
During my research I found a lot of questions about that topic. This one, in my opinion, best describes what it is about. The question for me is the same. I want to know when an application tries to send or receive information over the network/internet.
Solutions like SELinux and AppArmor might be able to allow or deny such connections. Configuring them means a lot of manual configuration and does not inform when a new application tries to connect somewhere. You have to know which application you want to deny access to the network.
The existence of Douane (How to control internet access for each program? and DouaneApp.com) shows that there is a need for an easy solution. There is even a distribution which seems to have such a feature included. I am not sure what Subgraph OS (subgraph.com) is using, but they state something like this on their website. It reads exactly like the initial question: "The Subgraph OS application firewall allows a user to control which applications can initiate outgoing connections. When an unknown application attempts to make an outgoing connection, the user will be prompted to allow or deny the connection on a temporary or permanent basis. This helps prevent malicious applications from phoning home."
As it seems to me, there are only two options at the moment. One is to compile Douane manually myself; two is to switch distribution to Subgraph OS. As one of the answers states, everything is possible - so I am surprised there is no other solution. Or is there?

Remote browser access to Windows CE/Mobile/Embedded emulators?

My company has a Compact Framework.NET WinForms application which runs on rugged handhelds manufactured by companies like Motorola, Intermec and Psion. These are expensive devices with built-in barcode scanners that are used in harsh conditions.
The configuration of the handheld application is managed by business users through our web site. The devices pick up the configuration when they sync from within the handheld application. Field workers use the handhelds, business users use the web site.
The business users have expressed the desire to, for lack of a better description, configure and preview or even fully use the actual handheld application through a web browser. They want to make configuration changes in the web site and immediately see what the impact will be in the handheld, without having to have a physical device (again, the devices are quite expensive). They want to be able to create training materials or conduct sales meetings and be able to demonstrate the application to their customers without having a physical device on hand.
Microsoft offers several Device Emulators, but they are probably too complex for business users. They are developer tools. One idea might be to somehow use the emulators within virtual machines, possibly in conjunction with Terminal Services or even some kind of clever screen capture/VNC to show an emulated device in a browser. I suspect running emulators in this fashion may not exactly be a scalable solution, however. Also, only one emulator at a time on a single machine can be "cradled" and connected to the network.
I'm looking for any suggestions which might help me meet the business users' requirements.
Thanks.
The only thing I can think of offhand is not that simple, but would probably be useful (and certainly the only "true" way for them to test).
I'd create a service that works like the Remote Display app (part of the WinMo Developer power tools, also ships with Platform Builder for CE), in fact it might just use that app (the source code for it actually ships with Platform Builder, so the eval version of PB would get you that source).
You would then create a web interface that acts as a "shell" for that service, marshalling the display image out to a web page and image clicks back as mouse events to the device.

Network Security for MAC-OS X

I have a new set up for software development for iOS devices. I am using MACs for the development and the company may grow from three employees right now to 20 in near future. I want to make the MACs secure so that the client code is safe and does not leave office.
A few ways I can think of a notorious employee trying to do that are:
1. Get it on USB-key/External-Disk
2. Burn it on CD/DVD
3. Transfer it to a Bluetooth device
4. Transfer it to an Infra-Red device
5. Email it as an attachment
6. Upload it to Dropbox or any such service
7. FTP to a remote server
To handle these one by one I need to do the following:
1. Disable USB access to user accounts (only admin allowed to insert a new device). But oftentimes we need to stick in an iPhone/iPod touch to do on-device testing. How can I restrict the devices or get notified when someone tries to put a foreign device in any of the USB slots?
2. Disable CD/DVD write functions except for admin. Can I do this?
3. Disable Bluetooth access. And if someone tries to pair a device, can I get notified or maintain a log?
4. Wireless keyboard and mouse use Infra-Red (IR) technology. How can I limit these devices?
5. Need to block all outgoing emails except company emails. Can I keep a tab on all outgoing traffic (maybe by file size) so that I know someone is trying to upload a file?
6. Again, disable access to such websites. But then every 15 days a new service springs up. How do I tackle this?
7. Disable FTP outgoing services. Can I do this?
Importantly, is there monitoring software that will allow me to do this? I don't mind paying. But since this is a start-up I cannot spend a fortune on this. And of course I prefer open source solutions for the control it gives me to extend and scratch my specialized itch :)
Finally, I hope I won't be judged as a bad boss or something. I am all for developer freedom, but we are in the consulting business and protecting client code takes priority.
Thanks for your time and looking forward to your help.
Dev.
If you don't trust your developer not to run off with your source code, don't hire them. They can find a way around your "solution".
If you can't trust any developers to not steal your source code, work alone. Anything known by two people is no longer a secret.

First steps to begin developing with J2ME

I am a .NET programmer who needs to port one good Desktop OTP system already at work to be used on cell phones. As far as I know, J2ME is the correct answer to do it. I'll appreciate any good advice about IDE, first steps, books or any other information.
Well, Eclipse IDE has good J2ME support, or so I've heard.
For the API, read the javadocs:
http://java.sun.com/javame/reference/apis.jsp
You'll have to figure out which device you want to target, and grab its emulator.
Then, proceed making a hello world app with the aid of tutorials.
I would give NetBeans a try as well. Eclipse and NetBeans are very similar, but the differences can be night and day depending on your personal preferences. NetBeans also has great J2ME project support, and it is plug and play for any emulator of a device you may need to target, though I recommend sticking to the default or SonyEricsson's. Motorola's was always buggy and never reflected the device at all, and Nokia's was always sloooow.
Also, there are a ton of devices out there. Before you jump head first into this you should define a scope of exactly which devices you will need to target. This will have a huge impact on scheduling as porting is no small task.
Finally, just get your hands on the actual devices you need to target. Emulator is a good way to start, but there are always so many nuances and problems that pop up once you throw the app on the device that it's best to have your target devices from day one.
