Re: Personal firewall like Zone Alarm: is it exists?



Phil Sherman <psherman@xxxxxxxxxxxxx> wrote:

ant wrote:
On 25 Nov, 14:49, General Schvantzkoph <schvantzk...@xxxxxxxxx> wrote:
On Sat, 24 Nov 2007 23:43:41 -0800, ant wrote:
Hello,
I'm looking for a software like Zone Alarm (personal firewall) that
works on Linux. Can you help me?
Which distro are you using? Every distro that I know of has firewall
configuration built in. In Fedora it's under the menu item system/
administration/Firewall and SELinux.

I'm using openSuse 10.3. I know netfilter, but I'm looking for a
personal firewall
that notify me when an application requires access to the Internet.

That's going to be a big problem. In the Win environment, software
gets installed without your knowledge or requires access to the
internet when you aren't expecting it. Firewall software like Zone
Alarm intercepts internet traffic and "holds" it for your
approval/rejection. Linux wisely reserves maintaining the firewall to
root; which means that you should send the messages to root which
wouldn't show up unless you are using your system as root - a dubious
practice.

It could be done using DBus for communication with the user.


All Linux software I've seen has always included documentation that
states what IP (or UDP) port(s) will be needed to properly use the
software. I believe that most Linux administrators want to keep tight
control over installed software, not make on-the-fly decisions to
allow internet access to random pieces of code.

Maybe it could be useful for some diagnostic purpose. But it can't
provide any protections against malicious software as it is quite easy
to use other harmless software to send out the data.


Florian
--
<http://www.florian-diesch.de/>
-----------------------------------------------------------------------
** Hi! I'm a signature virus! Copy me into your signature, please! **
-----------------------------------------------------------------------
.