ZoneAlarm-type firewall for Linux?

Kenneth madhse at yahoo.com
Tue May 9 12:25:00 MST 2006



> ZoneAlarm will, as I said before, catch *any* new program trying to
> connect to the Internet.  It does not just filter based on ports, but on
> the originating executable.  So I can use Firefox all day, but if I put in
> a new version, ZoneAlarm will recognize that and block it until I
> say it's OK.

I don't have an answer for your original question. I've never heard of
anything like this being developed for Linux. There's an option to the kernel
to allow user-space packet filtering, if I remember correctly and understood
the help message correctly, so it might be possible to do it.

I do feel I need to add that ZoneAlarm and the others like it really do more
for the sense of security than real security. I can't remember the group or
the poster's name, but there is a German guy on one of the security or
networking Usenet groups who is always arguing this with people. There is a
very easy way for a program on Windows to circumvent this sort of outbound
filtering. The German guy regularly provides links to proof-of-concept code
he wrote to demonstrate the technique.



