[ros-general] Re: TDI-Based Open Source Personal Firewall

Murphy, Ged (Bolton) MurphyG at cmpbatteries.co.uk
Tue Nov 15 08:42:32 UTC 2005 

Current thoughts are either an an intermediate NDIS driver, or implementing
WFP / WSK.
 
Either way they will both operate at the lower end of the network stack for
maximum security.
 
-----Original Message-----
From: crashfourit [mailto:crashfourit at gmail.com] 
Sent: 15 November 2005 02:46
To: ReactOS General List
Subject: Re: [ros-general] Re: TDI-Based Open Source Personal Firewall


I would say that the firewall needs to be integrated with the TCP/IP stack
and the network API.  This could give better protection for the end user,
but it could come with a curse. To do this, we would need to make sure that
eliminate, as much as possible, the possibility of double free and buffer
overflow attacks. Also, there need to be an option to log were all the
traffic is coming from or going to. In addition, it needs filter, including
incoming traffic, outgoing traffic. Also, it need to be able to destignuish
between trusted addapters and non-trusted addapter with various levels
between them. It would also be nice to have the option to filter out most
everything when the screensaver is on or after a certain user inactivity
period.

Michael B. Trausch wrote:


Richard Campbell wrote:

  

That's your opinion.



Do you know that on this box i've never run a firewall or a virus

scanner?  Occasionally i'll run a web based scanner to check suspicious

files, etc. but i've never found need for a firewall/virus scanner.  As

long as you stay up to date and don't run questionable files you are

fine.  A firewall is not NEEDED as long as the OS is properly configured

and working.



Richard



    



Many users of Windows like things that "just work."  That includes virus

protection and the like.  While I shy away from questionable files and

practices, sometimes prohibitively so, I retain a current, updated virus

scanner on my machine, "just in case."  People I work with aren't always

as careful as I am, and I've found one or two (relatively harmless)

things that way.  It doesn't bother me much, but it is nice to have.

Nobody's perfect.



As far as a firewall... I don't like software firewalls, but many do.

They like their functionality to block things and whatnot.



Also, people just aren't careful.  They don't care.  They click away,

and everything else.  That's 70%, if not more, of the computer users

that you have out there.  If those people aren't protected out of the

box, odds are they won't be -- and that puts the rest of us at risk,

especially if they get something that can do nasty bandwidth hogging things.



When you're talking about "real" end-users, firewalls and virus software

are a must.  They are there to prevent the Internet from falling apart,

in many ways, and while I don't like the fact that they are necessary at

all, they are, and that's a result of the world we live in.



	- Mike



  


   _____  


_______________________________________________

ros-general mailing list

ros-general at reactos.org <mailto:ros-general at reactos.org> 

http://www.reactos.org/mailman/listinfo/ros-general
<http://www.reactos.org/mailman/listinfo/ros-general> 

************************************************************************
The information contained in this message or any of its
attachments is confidential and is intended for the exclusive
use of the addressee. The information may also be legally
privileged. The views expressed may not be company policy,
but the personal views of the originator. If you are not the
addressee, any disclosure, reproduction, distribution or other
dissemination or use of this communication is strictly prohibited.
If you have received this message in error, please contact
postmaster at exideuk.co.uk 
<mailto:postmaster at exideuk.co.uk> and then delete this message. 

Exide Technologies is an industrial and transportation battery
producer and recycler with operations in 89 countries.
Further information can be found at www.exide.com


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://reactos.org/pipermail/ros-general/attachments/20051115/51c31025/attachment.htm>

More information about the Ros-general mailing list