netblue30

channel image

netblue30

netblue30

subscribers

A secure Tor Browser setup example: Firejail version 0.9.68, Debian 11. It should work the same on any other Linux distribution. The steps are as follows:

1. Download Tor Browser from https://torproject.org

2. Assuming the archive was downloaded in ~/Downloads directory, extract the files:

$ cd ~
$ tar -xvf Downloads/tor-browser-linux64-X.Y.Z.tar.xz

3. Find the name of your Ethernet interface:

$ ip addr show

4. Create a desktop starter in ~/Desktop directory:

$ cat ~/Desktop/tor.desktop
[Desktop Entry]
Name=tor
Icon=/home/USERNAME/tor-browser_en-US/Browser/browser/chrome/icons/default/default128.png
Terminal=false
Type=Application
Exec=firejail --name=tor --private=~/tor-browser_en-US --net=INTERFACE ./start-tor-browser.desktop

Replace USERNAME with your user name, and INTERFACE with the name of your Ethernet interface you found on step 3.

5. Start the browser by clicking the tor icon on your desktop. This is the default setup, also available for older Firejail versions.

6. Optionally, lock down your network by adding --netlock on your exec line in the starter.

Firejail is the best option for sandboxing browsers and advanced privacy tools such as Tor. We depend largely on community members to help us push this technology further. Join us at https://github.com/netblue30/firejail

Many people believe that browser security is difficult. I created this guide as an overview of Firejail sandboxing technology. The goal is to show you that security can be simple and fun.

The video guide is structured as a hacking session. The victim is running a sandboxed browser. An imaginary zero-day exploit gives the attacker control of the sandbox in the form of a remote shell. Let’s see what damage we can do. And maybe, reconfigure the sandbox so the victim can survive the aftermath of such an attack.

Link to exploit from the video: https://www.trustnodes.com/2019/08/09/coinbase-foils-hack-with-firefox-0-day
Sandbox command: firejail --name=browser --dns=9.9.9.9 --net=enp3s0 --netfilter=/etc/firejail/nolocal.net firefox
Firejail website: https://firejail.wordpress.com

In this video I'll show you how to disable network access for sandboxed applications with Firejail on Linux systems.

Firejail project: https://github.com/netblue30/firejail
Firejail website: https://firejail.wordpress.com

This is a small excerpt from a ISC Security Series webinar titled "Securing Bind 9 with AppArmor and Firejail". ISC is a non-profit organization that develops several widely used open source software packages such as BIND 9, ISC DHCP, and Kea DHCP.

Original video: https://www.youtube.com/watch?v=Cez-RkSQEHY
Securing Bind 9 - ISC Webinar Series: https://www.isc.org/blogs/bind-security-webinar-series-2021/

Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf. It includes security profiles for over 1000 common Linux applications such as Firefox, Chromium, Transmission, VLC etc.

AppImage is a Linux distribution agnostic format used by many software developers to package their programs. In this video I show you how to handle appimages in Firejail security sandbox. For more information, check https://firejail.wordpress.com/documentation-2/appimage-support/

Desktop starter (from the video):

$ cat ~/Desktop/kdenlive.desktop
[Desktop Entry]
Name=kdenlive
Exec=/usr/bin/firejail --net=none --appimage /opt/kdenlive-20.12.2-x86_64.appimage
Icon=/home/netblue/config/kdenlive.svg
Terminal=false
Type=Application

No Copyright Music: https://www.youtube.com/watch?v=T8RnpyjepTA
AppImage website: https://appimage.org
AppImage Hub: https://appimagehub.comFirejail website: https://firejail.wordpress.com
Firejail website: https://firejail.wordpress.com
Software development: https://github.com/netblue30/firejail
Support: https://github.com/netblue30/firejail...

Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf. It includes security profiles for over 1000 common Linux applications such as Firefox, Chromium, Transmission, VLC etc.

In this video I describe a simple method for building Firejail security profiles for new applications.

Firejail website: https://firejail.wordpress.com
Software development: https://github.com/netblue30/firejail
Support: https://github.com/netblue30/firejail/issues

Credits:

Music: https://www.wikiloops.com/backingtrack-jam-16788.php
Narration: https://www.readspeaker.com/
Narration: https://readloud.net/

FDNS is a DNS-over-HTTPS and DNS-over-TLS proxy server targeted at small networks and Linux desktops. To speed up the name resolution FDNS caches the responses, and uses a configurable adblocker and privacy filter to cut down the unnecessary traffic. In this video I describe how to install, configure and integrate FDNS with Firejail security sandbox.

Webpage: https://firejaildns.wordpress.com​
Development: https://github.com/netblue30/fdns​
Support: https://github.com/netblue30/fdns/issues​

In this video I describe some of the most common security setups for Mozilla Firefox browser. You can find more information on our website here:
https://firejail.wordpress.com/documentation-2/firefox-guide/

An in dept look at Firejail security profiles by @SkewedZeppelin, a member of Firejail team.

Divested Computing Group © 2014-2021, CC BY-SA 4.0, https://divested.dev​
FIrejail website: https://firejail.wordpress.com​

Au nom de l'équipe Firejail, je tiens à remercier Paf LeGeek pour l'excellente présentation de notre projet. Ceci est une copie de la vidéo originale publiée sur YouTube.

Paf LeGeek video: https://www.youtube.com/watch?v=0LbEl3oLKUs
YouTube channel: https://www.youtube.com/channel/UCCSHWqosFfYJY5v2WqbTLhg

This is an excrept from a Firejail/AppArmor/SELinux presentation by Aaron Jones at Phoenix Linux User Group meeting on October 18, 2018.

Phoenix Linux User Group: https://www.meetup.com/Phoenix-Linux-Users-Group/
Aaron Jones web page:https://retro64xyz.gitlab.io/presentations/2018/10/16/firejail-and-apparmor/
Original video by Brian Cluff: https://www.youtube.com/watch?v=JFjXvIwAeVI

A short introduction to Firejail by DJ Ware. This is a mirror of https://www.youtube.com/watch?v=MVLrclfbS4U

DJ Ware YouTube channel: https://www.youtube.com/channel/UC05XpvbHZUQOfA6xk4dlmcw

This is the graphical user interface of Firejail security sandbox, part of Firetools software package.

Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf. It includes security profiles for over 800 common Linux applications such as Firefox, Chromium, Transmission, VLC etc.

Firejail website: https://firejail.wordpress.com
Firetools website: https://firejailtools.wordpress.com
Software development: https://github.com/netblue30/firejail
Music: DJ ZsuZsu & Klischée – Mega Run
DJ ZsuZsu - https://www.youtube.com/channel/UC6N9JahGxKTXAuA_eHvbNjw
Klischée - https://www.youtube.com/user/leklischee

This howto describes how to install Firejail security sandbox on a Debian or Ubuntu system.

The steps are as follows:

1. Install Firejail software using apt/apt-get package manager:
$ sudo apt-get install firejail

2. Configure the sandbox - this step integrates the sandbox with your desktop manager.
$ sudo firecfg

3. Enable AppArmor. Starting with version 0.9.62, AppArmor is enabled automatically during configuration (step 2 above).
$ sudo apparmor_parser -r /etc/apparmor.d/firejail-default

Firejail website: https://firejail.wordpress.com
Software development: https://github.com/netblue30/firejail

This video describes how to install and run Firejail Security Sandbox on Arch Linux systems.

The steps are as follows:

1. Install Firejail software using pacman package manager:
$ sudo pacman -S firejail

2. Configure the sandbox - this step integrates the sandbox with your desktop manager.
$ sudo firecfg

3. Enable AppArmor. Starting with version 0.9.62, AppArmor is enabled automatically during configuration (step 2 above).
$ sudo apparmor_parser -r /etc/apparmor.d/firejail-default

Originally published by AddictiveTipsTV: https://www.youtube.com/watch?v=ds7CcnEIZ-4
AddictiveTips website: https://addictivetips.com
Firejail website: https://firejail.wordpress.com

Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf. It includes security profiles for over 800 common Linux applications such as Firefox, Chromium, Transmission, VLC etc.

Narration: Linux Unplugged Podcast (https://linuxunplugged.com/)
Firejail website: https://firejail.wordpress.com
Software develpment: https://github.com/netblue30/firejail

Firejail sandbox as featured on Linux Luddites Podcast, July 11 2016.

Linux Luddites Podcast: https://linuxluddites.com
Firejail website: https://firejail.wordpress.com
Software development: https://github.com/netblue30/firejail

SHOW MORE

Created 5 years, 1 month ago.

17 videos

Category Science & Technology

Over at https://firejail.wordpress.com we develop Firejail, an universal Linux security sandbox.

Firejail is a community project. We are not affiliated with any company, and we don’t have any commercial goals. Our focus is the Linux desktop. Home users and Linux beginners are our target market. The software is built by a large international team of volunteers on GitHub at https://github.com/netblue30/firejail. Expert or just regular Linux user, you are welcome to join us!