Install and Use OpenSnitch as your Outgoing Application fIrewall

Brian McGonagill

2 min read

OpenSnitch is a free, open source, self-hosted outbound application firewall.  All Operating Systems these days have a built in firewall, but these are generally only effective against incoming threats.  This the firewall where you'll hear me or others talk about opening ports to allow you to self host a site or service you want to access from outside of your network.

An outgoing / outbound application firewall actually watches the traffic that is leavning your machine.  This can help you identify what applications are going out to the web,   An application like this should be used as a compainion to an good inbound firewall to help increase the security of your systems and network.

Applications, once installed and running (inlcuding browser extenstions), can reach out from your network, unhindered and report data and information to third party servers.  Key logging, website visits, and so much more can be shared out without your knowledge.

Install OpenSnitch

There are .deb and .rpm options for OpenSnitch, so grab two files from their github site here https://github.com/evilsocket/opensnitch/releases.  You want to grab the Daemon and the UI applications for your OS, and then start the install.  I run Ubuntu, so I'll go through the install from that perspective.

Once you've downloaded the two packages, you'll want to open up the terminal.  I only suggest the terminal, because it will present dependency issues that you might not see in a software center installer.

In the terminal enter:

sudo dpkg -i <name of the downloaded daemon.deb>

in my case I entered:

sudo dpkg -i opensnitch_1.3.6-1_amd64.deb

You'll likely see something like:

error installing opensnitch_1.3.6-1_amd64 missing packages with
   dependency problem....

Now, the errors will be more specific, but you get the idea.

To resolve this issue, you can enter the command

sudo apt install -f

Let this run through, then re-run your dpkg command.

sudo dpkg -i opensnitch_1.3.6-1_amd64.deb

Now your OpenSnitch Daemon is installed.

Next we want to install the UI that makes it easy to work with the OpenSnitch daemon.

AGain, go to your terminal and enter the command:

sudo dpkg -i python3-opensnitch-ui_1.3.6-1_all.deb

Again you'll see some dependency issues in the terminal output, so we again fix the issue with the command:

sudo apt install -f

During this, you'll be prompted that the installer needs to setup system-wide python3-pip packages.  Highlight 'Yes', and press enter to continue.

Then we re-run our install command with dpkg.

sudo dpkg -i python3-opensnitch-ui_1.3.6-1_all.deb

You'll see that same pop-up again about python3-pip system wide, so highlight 'Yes' again and press Enter.

Once it completes, you now have the OpenSnitch UI installed, and you're ready to start it up.

Be ready becuase initially it will likely identify a lot of programs trying to reach out to the internet.  Most of these are legitimate applications and you can allow them, but if you're ever unsure, err on the side of caution and deny access.

You can then look up the application to see what it is and why it's going out to the web, then decide if you want to allow afterward.

That's it, you're all setup and installed.