Re: [fw-wiz] Personal Firewall Rules
From: Ng Pheng Siong (ngps_at_netmemetic.com)
Date: 07/26/04
- Previous message: Vinicius Moreira Mello: "Re: [fw-wiz] Personal Firewall Rules"
- In reply to: Marcus J. Ranum: "Re: [fw-wiz] Personal Firewall Rules"
- Next in thread: mlh_at_zipworld.com.au: "Re: [fw-wiz] Personal Firewall Rules"
- Reply: mlh_at_zipworld.com.au: "Re: [fw-wiz] Personal Firewall Rules"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "Marcus J. Ranum" <mjr@ranum.com> Date: Mon, 26 Jul 2004 11:08:20 +0800
On Sun, Jul 25, 2004 at 01:56:06PM -0400, Marcus J. Ranum wrote:
> - if you must allow something incoming allow it only to software
> you have good reason to trust
I use Kerio 2.x. It keeps (MD5?) checksums of network-using executables
(both clients and servers) and warns you "program xxx.exe has changed, do
you want to continue?" when you replace such a program, e.g., after
upgrading IE.
On a consumer Windows box, this might be the right balance between no
checking of executables and accounting for every file and every registry
entry a la Tripwire and clones, perhaps coupled with public repositories of
MD5 digests for "well-known" programs. (I think I saw such a thing before.
Anyone has a URL handy?)
Cheers.
-- Ng Pheng Siong <ngps@netmemetic.com> http://firewall.rulemaker.net -+- Cisco PIX & Netscreen Config Version Control http://sandbox.rulemaker.net/ngps -+- M2Crypto, ZServerSSL for Zope, Blog _______________________________________________ firewall-wizards mailing list firewall-wizards@honor.icsalabs.com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Vinicius Moreira Mello: "Re: [fw-wiz] Personal Firewall Rules"
- In reply to: Marcus J. Ranum: "Re: [fw-wiz] Personal Firewall Rules"
- Next in thread: mlh_at_zipworld.com.au: "Re: [fw-wiz] Personal Firewall Rules"
- Reply: mlh_at_zipworld.com.au: "Re: [fw-wiz] Personal Firewall Rules"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
