Is OpenSnitch worth it? · evilsocket/opensnitch · Discussion #1405

hatscode
Aug 2, 2025

Has anyone used OpenSnitch, the Linux app level firewall?

Is it useful for spotting data exfiltration?

Can it scale or integrate with SIEM tools?

Answered by gustavo-iniguez-goya

Aug 2, 2025

Well, restricting outbound connections by binary seems an effective way to detect and stop malicious activity:

https://www.reddit.com/r/archlinux/comments/1me632m/is_this_another_aur_infect_package/

#1290

So yes, totally worth it.

Yes, you can integrate it with SIEM tools: https://github.com/evilsocket/opensnitch/wiki/SIEM-integration

View full answer

Replies: 1 comment 1 reply

gustavo-iniguez-goya
Aug 2, 2025
Collaborator

Well, restricting outbound connections by binary seems an effective way to detect and stop malicious activity:

https://www.reddit.com/r/archlinux/comments/1me632m/is_this_another_aur_infect_package/

#1290

So yes, totally worth it.

Yes, you can integrate it with SIEM tools: https://github.com/evilsocket/opensnitch/wiki/SIEM-integration

1 reply

@hatscode

hatscode Aug 14, 2025
Author

Okay. Thank you

I'll work on it ASAP

Answer selected by hatscode

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Is OpenSnitch worth it? #1405

Uh oh!

{{title}}

Uh oh!

hatscode
Aug 2, 2025

Replies: 1 comment 1 reply

Uh oh!

{{title}}

Uh oh!

gustavo-iniguez-goya
Aug 2, 2025
Collaborator

Uh oh!

{{title}}

Uh oh!

hatscode Aug 14, 2025
Author

Select a reply

Uh oh!

Uh oh!

Is OpenSnitch worth it? #1405

Uh oh!

hatscode Aug 2, 2025

Replies: 1 comment · 1 reply

Uh oh!

gustavo-iniguez-goya Aug 2, 2025 Collaborator

Uh oh!

hatscode Aug 14, 2025 Author

hatscode
Aug 2, 2025

Replies: 1 comment 1 reply

gustavo-iniguez-goya
Aug 2, 2025
Collaborator

hatscode Aug 14, 2025
Author