On Saturday 29 August 2020 01:10:15 Dr. Nikolaus Klepp wrote:
Hi Bill!
Anno domini 2020 Fri, 28 Aug 17:06:31 -0700
William Morder via trinity-users scripsit:
Okay, so a new thread, as things have changed and
progressed somewhat,
but now I have new problems.
I got my system restored *almost* to how I want it, but some things have
changed in my system, and I did not make those changes.
#1 - When installing, I deliberately chose *not* to set a root password;
since nobody else ever gets to touch my system, it is enough that my user
password is granted root privileges when I use sudo or su.
Always set a root password, even it's 123456789. Not all programs accept
root without password.
Yeah, I tried that, but I always end up with this same problem. When I tried
setting a root password before (because it always seemed like the *right*
answer), I got this same result.
When I made the move from Kubuntu to Debian, I went through this root-password
thing at least 5 or 6 times. I always ended up with a system where I could
not be granted admin or root privileges ... EXCEPT in a sudo su shell! So
that's what I usually do: I create a sudo su shell, then exit and allow
permissions to expire, then when I need quick access again, I just hit my UP
arrow key, re-enter password, and go back into sudo su to kill something or
whatever else needs immediate attention.
Now, it would be nice to crack this nut, once and for all, but I don't want to
keep asking my own machine for permission to do things. The question is,
which of us is master?
Anyway, so now, suddenly, I am asked for the root
password in order to
run gufw and other such stuff. But when I enter my password, I get a
message that the password is incorrect. This happened before, long ago,
when I first switched from (k)ubuntu to debian; debian seems to have a
stricter default policy, which is probably a good thing, and I probably
ought to get the hang of this thing, right?
So I need an easier solution than whatever this is that I am doing (or
not doing). I have been combing through my Linux pocket guide and Linux
in a Nutshell and Linux Bible, etc., but they all say the same thing, and
none of them work.
#2 - I still want a graphical firewall that runs like the old
Firestarter; gufw isn't quite what I want, or maybe I just haven't yet
configured it properly.
didn't know Firestarter, but it loks nice for a firewall. I have to admit I
don't like linux firewall (I prefer the BSD way). Anyway, I use "ufw" - it
has a nice GUI, depending on your text editor :)
What I want is not just a GUI, but instead, one
that displays *active
connections* as they appear and disappear, and allows changing rules on
the fly. Is there such a thing?
"fierwall-applet" could be what you want, but it drags in a hole bunch of
things.
Will check it out, thanks.
Running it in
a terminal would suit me just fine, so long as it is a
dynamic display of active connections as they occur. Also an easier way
to edit iptables. (I read that there is some new "thing" to replace
iptables, meaning that ufw and gufw and their kin will all become
obsolete very soon, apparently being phased out, and I had a hard time
downloading them.)
Another possible fix would be: to pass my firestarter rules (based on
iptables) along to ufw/gufw.
gufw? a gui for ufw? Abomoination!
That could definitly be done. Are you in for a bit of shell black magic?
I am always prepared for some black magic. That is why I keep my *Linux in a
Nutshell* grimoire always close to hand. Oh, and salt, burning sulfur,
candles and incense, and some cats.
I used to keep goats and chickens, but nowadays my landlord is always
complaining.
Seriously, whatever you can recommend to get me back "in control" of the
Mother Ship.
Thanks a bunch!
But anyway,
what I want is to see my active connections. (See enclosed
screenshot.)
Any help or comments or suggestions are appreciated. If not, at least a
good joke.
Windows guys suggest to run a firewall in amazon cloud and send all your
network through it. I still have not figured out if tis is a bad joke or
that they actully do, but I have the strong feeling this is a seriouse
advise (there are commertial offers for this kind of stuff).
It sounds like these kids forget everything about security, privacy, whenever
somebody says the word "cloud" -- then it's all okay.
> Bill
>
> P.S. The worst insult is, just before my upgrade, I had got my Jessie
> system fine-tuned to near-perfection, and was feeling rather smug and
> virtually bulletproof. On the bright side: Beowulf/Buster does seem to
> run better, overall, except for when I can't get it to DO WHAT I WANT.
>
> :-\
>
> See screenshot for firewall example.
---------------------------------------------------------------------
To unsubscribe, e-mail: trinity-users-unsubscribe(a)lists.pearsoncomputing.net
For additional commands, e-mail: trinity-users-help(a)lists.pearsoncomputing.net
Read list messages on the web archive:
http://trinity-users.pearsoncomputing.net/
Please remember not to top-post:
http://trinity.pearsoncomputing.net/mailing_lists/#top-posting