This Linux app alerts you when an app tries to connect to the internet – and why that matters

OpenSnitch is a Linux port of the popular MacOS app Little Snitch. This app is essentially an application firewall that tracks network requests from apps, so you can create rules to block or allow those requests.

Why is that important?

Also: 7 things every Linux beginner should know before downloading their first distro

Say, for example, that you’ve installed a Linux app that shouldn’t require internet access (those do still exist). You’re using that app with OpenSnitch running, and it reports that the app has made an outgoing internet connection. What gives? That shouldn’t be the case. It’s possible the app is sending telemetry (which could include information about your activity) to some third party.

You don’t want that.

Also: You can try Linux without ditching Windows first – here’s how

With OpenSnitch, you’ll know when these things occur, and when they do, you can take action to block those outgoing requests. This is a great tool to help you keep your privacy and security intact. Let me show you how to install the app and how it’s used.

How to install OpenSnitch

What you’ll need: I’m going to demonstrate this on Ubuntu Linux 24.04. OpenSnitch can also be installed on Fedora-based distributions, and you’ll only need to modify the installation commands. So, you’ll need a running instance of an Ubuntu-based distribution and a user with sudo privileges. That’s it. Let’s make it happen.

sudo dpkg -i opensnitch*.deb

If that installation errors out, you might need to run the apt command to fix the issue with:

sudo apt-get install -f

sudo dpkg -i python3-opensnitch*.deb

sudo systemctl enable –now opensnitch

Everything should be ready to go.

How to use OpenSnitch

1. Open the app

You should find an entry for OpenSnitch in your desktop menu. Click that entry to start the app. It will most likely open immediately but appear only as an icon in your system tray. Right-click that icon and then select “Open main window.”

2. Check the applications tab

Click the Applications tab in the main window. At first, you probably won’t find any applications listed. Give it time, and apps will start showing up. Some of those apps are obviously legit. However, if you spot an app that clearly shouldn’t be reaching out to the network, you could also check the Hosts tab to see if there are any questionable domains listed. For example, in my output, I see example.org listed. Why is a domain for testing listed? Maybe it shouldn’t be allowed?

Also: My 5 favorite Linux distros for home office desktops – and I’ve tried them all

3. Create a rule

If you spot an app that shouldn’t be calling out to the internet, click the Rules button near the upper left of the window (the icon with the tiny + symbol). Let’s say we want to create a rule that blocks outgoing traffic to example.org. To do that, in the New Rule window, do the following:

• Name – let’s call it example.org.
• Description – blocking outgoing traffic to example.org
• Enable – yes
• Action – deny
• Network tab > “To this host” – www.example.org
• Click Save to save the rule.

At this point, any outgoing traffic to example.org will be blocked.

Also: 7 ways Linux can save you money

You can also create rules for applications by creating a rule in the Applications tab in the New Rule window. Make sure you type the exact path to the executable (you’ll see an example listed) that will instruct OpenSnitch which application the rule applies to.

And that’s it. The one caveat to using OpenSnitch is that you must have it running, and you’ll need to watch the Events tab to see if there’s any unnecessary outgoing traffic.

Also: Want to save your old computer? Try one of these 8 Linux distros for free

Keep watch, and you’ll enjoy a more secure and private Linux experience.

Get the morning’s top stories in your inbox each day with our Tech Today newsletter.