FOSSPicks
OpenSnitch
Even though it's poorly implemented, Windows 10's dynamic firewall feature is theoretically a worthwhile addition. It notifies you when an application it doesn't know about, or an application without adequate permissions, attempts to make an outside network connection. You can then choose to enable it or block its attempts to communicate. Much like Android, this would be great if you could trust that nothing else was getting through without notifying you, but that sadly isn't the case. However, Mac OS users have a better option with a third-party tool called Little Snitch, which does basically the same thing, but because Little Snitch registers kernel extensions on a Unix-alike system, it seems a little more trustworthy.
What would be even better than all of these, of course, is a Linux application that tries to do the same thing – enter OpenSnitch. OpenSnitch is a firewall tool that notifies you when an unknown process attempts to make a connection and lets you decide whether to whitelist the app, block the app from making the connection, or deny or allow the connection for this time only. You might wonder why you'd need something like this when Linux network security is already very high, but it's because we often install and run so much that it can be difficult keeping abreast of what permissions are needed by everything. OpenSnitch does exactly this. It will automatically detect an outgoing connection regardless of the source, allowing you to create your firewall configuration as you need it. It's also a great way to see what even trusted applications are doing over the network. Of course, if you suffer some kind of vulnerability, the first thing it will try to do is talk to a server, which can be stopped with OpenSnitch before any communication takes place.
Project Website
https://github.com/evilsocket/opensnitch
![](/var/linux_magazin/storage/images/issues/2018/211/fosspicks/fig71390bf871d3d712ff0b1a7ba3e4a0ad.png/726986-1-eng-US/fig71390bf871d3d712ff0b1a7ba3e4a0ad.png_large.png)
IRC client
Irc it (ii)
The IRC protocol is supremely hackable and relatively easy to implement, mostly thanks to the protocol being basic and universal – it's almost as simple as sending character codes to a port and reading character codes from a port. It's perhaps for this reason that there are so many different IRC clients and implementations, from the all-powerful, like Irssi or WeeChat, to the experimental. Irc it (ii) definitely falls into the experimental category, because instead of presenting IRC as an interactive text parser, it turns IRC into a minimalist FIFO filesystem. This means that your IRC server connection appears as a directory tree, populated by server, channel, and nickname directories. At the end of every path is an in file and an out file. The out file is where you'll find the messages for that channel, whereas text placed within the in file will be delivered to the channel. For example, typing
echo "/j #linuxvoice"> irc.freenide.net/in
will join the Linux Voice channel and create a new directory.
It's a unique take on IRC that could even have practical uses, especially if you use IRC for sharing files. But this filesystem layout may be equally useful for automation tasks or for processing input and output, such as through a natural language parser or speech synthesizer. The project site includes several example bots, as well as enhancements that help you use the client from within Vim or as a PHP web front end. And while you're unlikely to find a pre-built package for your distribution, this project's tiny pocket of 500 lines of C code will build in less than a second and makes for a great template if you want to write you own IRC client.
Project Website
https://tools.suckless.org/ii/
![](/var/linux_magazin/storage/images/issues/2018/211/fosspicks/figa431793e9cf64f408e30601dbd04104c.png/726989-1-eng-US/figa431793e9cf64f408e30601dbd04104c.png_large.png)
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
![Learn More](https://www.linux-magazine.com/var/linux_magazin/storage/images/media/linux-magazine-eng-us/images/misc/learn-more/834592-1-eng-US/Learn-More_medium.png)
News
-
NVIDIA Released Driver for Upcoming NVIDIA 560 GPU for Linux
Not only has NVIDIA released the driver for its upcoming CPU series, it's the first release that defaults to using open-source GPU kernel modules.
-
OpenMandriva Lx 24.07 Released
If you’re into rolling release Linux distributions, OpenMandriva ROME has a new snapshot with a new kernel.
-
Kernel 6.10 Available for General Usage
Linus Torvalds has released the 6.10 kernel and it includes significant performance increases for Intel Core hybrid systems and more.
-
TUXEDO Computers Releases InfinityBook Pro 14 Gen9 Laptop
Sporting either AMD or Intel CPUs, the TUXEDO InfinityBook Pro 14 is an extremely compact, lightweight, sturdy powerhouse.
-
Google Extends Support for Linux Kernels Used for Android
Because the LTS Linux kernel releases are so important to Android, Google has decided to extend the support period beyond that offered by the kernel development team.
-
Linux Mint 22 Stable Delayed
If you're anxious about getting your hands on the stable release of Linux Mint 22, it looks as if you're going to have to wait a bit longer.
-
Nitrux 3.5.1 Available for Install
The latest version of the immutable, systemd-free distribution includes an updated kernel and NVIDIA driver.
-
Debian 12.6 Released with Plenty of Bug Fixes and Updates
The sixth update to Debian "Bookworm" is all about security mitigations and making adjustments for some "serious problems."
-
Canonical Offers 12-Year LTS for Open Source Docker Images
Canonical is expanding its LTS offering to reach beyond the DEB packages with a new distro-less Docker image.
-
Plasma Desktop 6.1 Released with Several Enhancements
If you're a fan of Plasma Desktop, you should be excited about this new point release.