-
Notifications
You must be signed in to change notification settings - Fork 20
Getting started
After installing opensnitch, the daemon will start intercepting connections and by default it'll allow them.
When you open the GUI, you'll see all the connections and processes that has intercepted, and it'll prompt you to allow or deny new outgoing connections.
The default action is to allow outgoing connections, so you can let it run for a while (hours, days, weeks), and observe what your machine is doing.
Once you know which are the common processes, IPs and hosts that your machine is connecting to, you can start creating rules to deny or allow them. A common practice is to apply a rule of "Least privilege", i.e., block all by default and allow only those processes or connections that you want to.
Some processes are part of the GNU/Linux system, and critical to the well functioning of it. Some of these processes are:
/usr/bin/xbrlapi
/usr/bin/dirmngr
/usr/bin/kdeinit5
Some others are not critical, but as part of the system they have their function, like discovering devices or resolving domains. For example:
/usr/libexec/colord-sane
/usr/sbin/avahi-daemon
/usr/libexec/dleyna-server-service
- Installation
-
Getting started
- Events window
- Process monitor dialog
- Configuration
- Compilation
- GUI translations
- FAQs and common errors
- Examples OpenSnitch in action