this post was submitted on 12 Jul 2026
153 points (98.1% liked)

Technology

86279 readers
2451 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots


founded 3 years ago
MODERATORS
top 19 comments
sorted by: hot top controversial new old
[–] heartSagan5@lemmy.zip 13 points 18 hours ago

iptables and nftables are just different frontends to the netfilter kernel module.

[–] ohshit604@sh.itjust.works 18 points 1 day ago* (last edited 1 day ago) (2 children)

OpenSnitch is a nice for the desktop environment, deny by default and prompts the user when an application requests a open port, at first the prompts can get a little overwhelming given how many things want to connect to xyz server but eventually lightens up.

[–] prenatal_confusion@feddit.org -1 points 16 hours ago (1 children)

I really dont like the idea that a program on my local os doing things I don't want it to do and the only thing stopping it is a software firewall.

If you don't trust the platform then you shouldn't be using it. No bandaid like antivirus or firewall can help with that.

[–] ohshit604@sh.itjust.works 7 points 16 hours ago* (last edited 15 hours ago) (1 children)

If you don't trust the platform then you shouldn't be using it. No bandaid like antivirus or firewall can help with that.

I mean, if you don’t have a firewall on the device itself then your router certainly does, your device requests xyz port open your router will oblige with UPNP unless explicitly denied.

The on-device firewall is just an extra step before it hits your router’s firewall anyways, I’m sure your devices have made contact with servers behind your back that you know nothing about.

[–] prenatal_confusion@feddit.org 0 points 10 hours ago

I absolutely agree that additional security layers are useful and even necessary. A software firewall on the device itself just isn't one of them. For me.

[–] Jason2357@lemmy.ca -2 points 23 hours ago (4 children)

Its a little annoying on Linux but I wonder what it would be like on Windows.

[–] ohshit604@sh.itjust.works 3 points 18 hours ago* (last edited 18 hours ago)

The firewall is annoying? I would argue and say the firewall is protecting your computer from connecting to a rouge server, annoying or not it’s better than some douche abusing an exploit in your system.

[–] Dnb@lemmy.dbzer0.com 9 points 23 hours ago

Windows firewall already does prompt like this

[–] makeshift0546@lemmy.today 2 points 21 hours ago* (last edited 21 hours ago)

Trivial. It pops up, you click.

[–] MonkderVierte@lemmy.zip 2 points 22 hours ago (1 children)

Glasswire and Tinywall(?) are like this.

[–] lemonuri@infosec.pub 2 points 19 hours ago (1 children)

Simplewall works great, it's open source. And yes, there are a couple of million requests made by windows apps alone, which are completely fine to block. Simplewall also blocks windows telemetry. I have to use win11 at work and it's an absolute ahitstorm of network requests that you don't get to see when using windows firewall.

Glaswire looks beautiful and functions well, but you will hit the paywall after a couple of weeks (I used this on the around 2010 I think)

[–] MonkderVierte@lemmy.zip 1 points 12 hours ago

Right, Simplewall, not Tinywall.