The team behind Little Snitch has built a Linux version of their popular network monitoring tool, addressing a critical gap in Linux privacy software. After testing Ubuntu on older hardware, the developer found existing solutions like OpenSnitch inadequate for visualizing process connections with single-click blocking. The new tool uses eBPF for kernel-level traffic interception, offering high performance and portability.

Built with Rust for the backend and a web-based UI, the application allows monitoring remote Linux servers from any device, including Macs. The kernel component is open source, while the backend remains proprietary to protect 20 years of accumulated expertise. Development focused on Ubuntu 25.10 with kernel 6.17, though compatibility down to kernel 5.17 is theoretically possible.

Testing revealed Ubuntu's network behavior is surprisingly quiet compared to macOS, with only 9 system processes making connections over a week versus macOS's 100+. However, pre-installed Firefox immediately connected to telemetry and advertising servers. The tool sits between Little Snitch Mini and full Mac version in features, focusing on privacy rather than security due to eBPF limitations. LibreOffice emerged as a notable exception, making no network connections at all during testing.