Firewall
Moderator: Moderator Team
-
- Posts: 16
- Joined: Sat Nov 05, 2005 5:17 am
Firewall
I understand the firewall feature is quite a ways off from a previous post but I was wondering if it would be possible to make the firewall much like ZoneAlarm in the ability to request that a program may have access to the internet rather than messing with ports? Perhaps if we ask nicely ZoneLabs will OK the addition of Zonalarm (free edition) into ReactOS? I don't quite know how licensing works with that though.
Attempts of Open Source Firewalls for Windows:
- http://wipfw.sourceforge.net/
NetDefender firewall of two guys from India.
- http://sourceforge.net/projects/firewallpapi/
- http://winsockfirewall.sourceforge.net/
Well, I don`t have any preferences as I am also used to zonealarm and don`t understand too technical stuff therefore I don`t know which one could or would be a good choice.
But I think that it could be tricky to integrate such a "commercial" freeware into a ros distro. And by the way we all have different favourites of firewalls so why should zonealarm be integrated. You could install it anyway as you can do it right now on your OS.
- http://wipfw.sourceforge.net/
- http://programmerworld.net/personal/firewall.htmWIPFW is a MS Windows operable version of well-known IPFW1 for FreeBSD OS.
NetDefender firewall of two guys from India.
- http://sourceforge.net/projects/firewallpapi/
- http://winsockfirewall.sourceforge.net/
Well, I don`t have any preferences as I am also used to zonealarm and don`t understand too technical stuff therefore I don`t know which one could or would be a good choice.
But I think that it could be tricky to integrate such a "commercial" freeware into a ros distro. And by the way we all have different favourites of firewalls so why should zonealarm be integrated. You could install it anyway as you can do it right now on your OS.
-
- Posts: 16
- Joined: Sat Nov 05, 2005 5:17 am
That's just a question of configuration. A well configured PC doesn't really need a firewall - and yes, I'm talking about Windows XP. And even the integrated firewall of XP is more secure than ZoneAlarm and other personal firewalls.Davethewave wrote:Ok cool I just thought it would be nice intigrated... better than windows anyways. After a clean install on windows as soon as I connect to the internet to attempt to go to the zonealarm site to download it I get worms.
See this page for details.
Simple TDI based firewall: http://tdifw.sourceforge.net/
I don't speak any German.TiKu wrote:That's just a question of configuration. A well configured PC doesn't really need a firewall - and yes, I'm talking about Windows XP. And even the integrated firewall of XP is more secure than ZoneAlarm and other personal firewalls.Davethewave wrote:Ok cool I just thought it would be nice intigrated... better than windows anyways. After a clean install on windows as soon as I connect to the internet to attempt to go to the zonealarm site to download it I get worms.
See this page for details.
In a perfect world, no services would be running that shouldn't be running. But we aren't living in a perfect world, and we need firewalls.
IMO, the firewall should be something like netfilter/iptables. A part of the kernel, and flexible and configurable. Also, the default setup should drop unsolicited packets not coming from 127.0.0.1, unless the user explicitly unblocks a port.
Also, reactos shouldn't contain a proprietary firewall like zonealarm.
TDI sits above tcpip.sys and IMO this is too high.ViRUS wrote:Simple TDI based firewall: http://tdifw.sourceforge.net/
As above, it will be a device driver which are similar to linux kernel modules.IMO, the firewall should be something like netfilter/iptables. A part of the kernel, and flexible and configurable
It will also be fully configurable.
Sorry, should have posted the direct link to the English version of this site: http://www.ntsvcfg.de/ntsvcfg_eng.htmlreub2000 wrote:I don't speak any German.
I agree with you. I'm not totally against firewalls. I just wanted to make clear that it's possible to use Windows XP without a firewall and not getting infected with malware immediately.reub2000 wrote:IMO, the firewall should be something like netfilter/iptables. A part of the kernel, and flexible and configurable. Also, the default setup should drop unsolicited packets not coming from 127.0.0.1, unless the user explicitly unblocks a port.
Also, reactos shouldn't contain a proprietary firewall like zonealarm.
I would also recommend to read http://www.ntsvcfg.de/ntsvcfg_eng.html
and a long time ago I did it.
But isn`t for instance zonealarm also checking which applications are outgoing programs and whether they changed - maybe into a corrupt, hacked application.
Anyway on the following page you can find an application which is based on the knowledge of the previous page. The settings are then done easily by some clicks but still it is of course better to do it manually:
http://www.dingens.org/index.html.en.
(The German site is containing more infos.)
and a long time ago I did it.
But isn`t for instance zonealarm also checking which applications are outgoing programs and whether they changed - maybe into a corrupt, hacked application.
Anyway on the following page you can find an application which is based on the knowledge of the previous page. The settings are then done easily by some clicks but still it is of course better to do it manually:
http://www.dingens.org/index.html.en.
(The German site is containing more infos.)
Initially it won't have application support. It will be developed as a TCP/IP filtering driver (obviously with support for standalone protocols like ICMP too)
Rules will be something along the lines of iptables, and eventually a GUI will be built to automate this.
We're looking a good 12 months into the future here though.
Rules will be something along the lines of iptables, and eventually a GUI will be built to automate this.
We're looking a good 12 months into the future here though.
Who is online
Users browsing this forum: No registered users and 38 guests