Application level filtering
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| ufw |
Confirmed
|
Wishlist
|
Unassigned | ||
Bug Description
Distro Version: Ubuntu 16.04 LTS
UFW Version: 0.35-0ubuntu2
iptables Version: 1.6.0-2ubuntu3
Currently the ufw software is unable to perform application level filtering protection of traffic. So once you open the port to a specific protocol and ip address then any software can use it. Which can potentially be a security vulnerability risk if the port is needed (or required) but a malicious program were to use it as well. Especially if it is one that needs to be opened for common web browsing or web hosting activities.
However if the ufw were capable of providing application level filtering of traffic it could really help to boost security of all systems with it installed, configured and running. It would as a result then harden the Ubuntu Linux even further than without. As well as provide even more information to those administering systems as connections for applications which are blocked would be logged.
So can the ufw software be updated in time for the release of 18.04 LTS? May be worth an exception by those responsible for project management.
| description: | updated |
| description: | updated |
| description: | updated |
| description: | updated |
| information type: | Private Security → Public |
| tags: | removed: administration application filtering level security ufw |
| Changed in ufw: | |
| importance: | Undecided → Wishlist |
| status: | New → Confirmed |
