On Saturday 29 August 2020 01:10:15 Dr. Nikolaus Klepp wrote:
> Hi Bill!
>
> Anno domini 2020 Fri, 28 Aug 17:06:31 -0700
>
>  William Morder via trinity-users scripsit:
> > Okay, so a new thread, as things have changed and progressed somewhat,
> > but now I have new problems.
> >
> > I got my system restored *almost* to how I want it, but some things have
> > changed in my system, and I did not make those changes.
> >
> > #1 - When installing, I deliberately chose *not* to set a root password;
> > since nobody else ever gets to touch my system, it is enough that my user
> > password is granted root privileges when I use sudo or su.
>
> Always set a root password, even it's 123456789. Not all programs accept
> root without password.

Yeah, I tried that, but I always end up with this same problem. When I tried 
setting a root password before (because it always seemed like the *right* 
answer), I got this same result. 

When I made the move from Kubuntu to Debian, I went through this root-password 
thing at least 5 or 6 times. I always ended up with a system where I could 
not be granted admin or root privileges ... EXCEPT in a sudo su shell! So 
that's what I usually do: I create a sudo su shell, then exit and allow 
permissions to expire, then when I need quick access again, I just hit my UP 
arrow key, re-enter password, and go back into sudo su to kill something or 
whatever else needs immediate attention. 

Now, it would be nice to crack this nut, once and for all, but I don't want to 
keep asking my own machine for permission to do things. The question is, 
which of us is master? 

>
> > Anyway, so now, suddenly, I am asked for the root password in order to
> > run gufw and other such stuff. But when I enter my password, I get a
> > message that the password is incorrect. This happened before, long ago,
> > when I first switched from (k)ubuntu to debian; debian seems to have a
> > stricter default policy, which is probably a good thing, and I probably
> > ought to get the hang of this thing, right?
> >
> > So I need an easier solution than whatever this is that I am doing (or
> > not doing). I have been combing through my Linux pocket guide and Linux
> > in a Nutshell and Linux Bible, etc., but they all say the same thing, and
> > none of them work.
> >
> > #2 - I still want a graphical firewall that runs like the old
> > Firestarter; gufw isn't quite what I want, or maybe I just haven't yet
> > configured it properly.
>
> didn't know Firestarter, but it loks nice for a firewall. I have to admit I
> don't like linux firewall (I prefer the BSD way). Anyway, I use "ufw" - it
> has a nice GUI, depending on your text editor :)
>
> > What I want is not just a GUI, but instead, one that displays *active
> > connections* as they appear and disappear, and allows changing rules on
> > the fly. Is there such a thing?
>
> "fierwall-applet" could be what you want, but it drags in a hole bunch of
> things.
>
Will check it out, thanks. 

> > Running it in a terminal would suit me just fine, so long as it is a
> > dynamic display of active connections as they occur. Also an easier way
> > to edit iptables. (I read that there is some new "thing" to replace
> > iptables, meaning that ufw and gufw and their kin will all become
> > obsolete very soon, apparently being phased out, and I had a hard time
> > downloading them.)
> >
> > Another possible fix would be: to pass my firestarter rules (based on
> > iptables) along to ufw/gufw.
>
> gufw? a gui for ufw? Abomoination!
> That could definitly be done. Are you in for a bit of shell black magic?
>

I am always prepared for some black magic. That is why I keep my *Linux in a 
Nutshell* grimoire always close to hand. Oh, and salt, burning sulfur, 
candles and incense, and some cats. 

I used to keep goats and chickens, but nowadays my landlord is always 
complaining. 

Seriously, whatever you can recommend to get me back "in control" of the 
Mother Ship. 

Thanks a bunch! 

> > But anyway, what I want is to see my active connections. (See enclosed
> > screenshot.)
> >
> > Any help or comments or suggestions are appreciated. If not, at least a
> > good joke.
>
> Windows guys suggest to run a firewall in amazon cloud and send all your
> network through it. I still have not figured out if tis is a bad joke or
> that they actully do, but I have the strong feeling this is a seriouse
> advise (there are commertial offers for this kind of stuff).

It sounds like these kids forget everything about security, privacy, whenever 
somebody says the word "cloud" -- then it's all okay. 

>
> > Bill
> >
> > P.S. The worst insult is, just before my upgrade, I had got my Jessie
> > system fine-tuned to near-perfection, and was feeling rather smug and
> > virtually bulletproof. On the bright side: Beowulf/Buster does seem to
> > run better, overall, except for when I can't get it to DO WHAT I WANT.
> >
> > :-\
> >
> > See screenshot for firewall example.