opensnitch
by evilsocket
OpenSnitch is an interactive GNU/Linux application firewall, inspired by Little Snitch, that monitors and controls outbound connections to enhance endpoint security.
Primary Use Case
OpenSnitch is primarily used by Linux users and system administrators to monitor and filter outbound network connections on endpoints, providing real-time alerts and control over application network activity. It is ideal for those seeking to block unwanted connections such as ads, trackers, or malware domains, and to centrally manage firewall rules across multiple nodes.
- Interactive outbound connections filtering
- System-wide blocking of ads, trackers, and malware domains
- GUI-based configuration of system firewall (nftables)
- Management of multiple nodes from a centralized GUI
- SIEM integration for security event monitoring
Installation
- Download deb/rpm packages from https://github.com/evilsocket/opensnitch/releases
- For Debian-based systems: sudo apt install ./opensnitch*.deb ./python3-opensnitch-ui*.deb
- For RPM-based systems: sudo yum localinstall opensnitch-1*.rpm; sudo yum localinstall opensnitch-ui*.rpm
- Run the GUI with the command: opensnitch-ui or launch it from the Applications menu
- Refer to the official documentation for detailed installation guidance
Usage
opensnitch-ui: launches the OpenSnitch graphical user interface for managing firewall rules and monitoring connections.
- Integrate OpenSnitch with SIEM platforms to enrich network telemetry and improve alerting accuracy.
- Use centralized node management to enforce consistent firewall policies across Linux endpoints in enterprise environments.
- Leverage interactive outbound filtering to train users on safe network behaviors and reduce insider risk.
- Combine OpenSnitch with endpoint detection and response (EDR) tools for layered defense and faster incident response.
- Deploy OpenSnitch in purple team exercises to simulate attacker command and control attempts and validate detection capabilities.
Related Tools

rustdesk
rustdesk/rustdesk
An open-source remote desktop application designed for self-hosting, as an alternative to TeamViewer.
osquery
osquery/osquery
SQL powered operating system instrumentation, monitoring, and analytics.
macOS-Security-and-Privacy-Guide
drduh/macOS-Security-and-Privacy-Guide
Community guide to securing and improving privacy on macOS.
How-To-Secure-A-Linux-Server
imthenachoman/How-To-Secure-A-Linux-Server
An evolving how-to guide for securing a Linux server.
Atlas
Atlas-OS/Atlas
🚀 An open and lightweight modification to Windows, designed to optimize performance, privacy and usability.
fail2ban
fail2ban/fail2ban
Daemon to ban hosts that cause multiple authentication errors
