JaguarNight wrote:I finally wrote a script, it takes my external IP, some other info and emails it out at logon,
it's working well, is fast, under 1 sec, silent
OK then; however you are providing access to port 25, which almost all ISP(s) will block, as they are afraid of illegal or block emailing
--by doing that they have shutdown a larger percentage of email SPAM..
JaguarNight wrote:Linux firewalls really suck as far as identifying out connections by applications...
talking about security holes...
Not really, and like many items for UNIX/Linux, it can be managed by the user who wants to dig into the setup files..
For most, the default selections are fine, usually http in/out only, or maybe also IPP for printers, somewhat like windows file and print support, which is a default for a windows OS..
--even if IPP (internet printing Protocol) is a type of security risk.http://en.wikipedia.org/wiki/Internet_Printing_Protocol
Most people would want an internet/web connection..http://linuxgazette.net/103/odonovan.html
Scenario 1: Standard Home ComputerI'll only end by saying any thief worth his salt will not connect to any external network
For the standard user using his/her home computer for Internet browsing, e-mail, etc. then the above firewall is all that is needed as it allows all connections out while preventing any connections that are not related.
For a more paranoid user that wants to control and log all outgoing connections we might use a firewall configuration such as the following:
, until they have examined the stolen device: a notebook in this case
Also unless you have encrypted your files, such as the /home directory, even if you recovered the notebook, your data might already be gone
--if you believe that the method you propose gets you more security, well and good: I don't see it myself..
But experiments are such fun, and I commend you for experimenting..