|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Martin Stricker (shugal
gmx.de)Date: Tue Mar 05 2002 - 18:34:32 CST
Olin Sibert wrote:
> Programs like BlackIce get almost all the way there, except they seem
> to be only port-based, not address-based. To avoid each user having
> to make all the choices, one might distribute configuration files with
> known unresirable locations already listed. It might also be possible
> for the warning to "score" the warning in some way (e.g., if the
> program is not a known browser, it's somewhat more suspicious for it
> to be talking to a web server).
>
> Have I missed sme great piece of software that does this already
> (Linux or Windows), or is this an unmet need?
Linux kernel firewalling, especially the iptables (availabe only in
kernel 2.4.*). With iptables you can even search the packets for a
string and deny/allow on that! There is a mailimg list about iptables
and netfilter:
archive: http://lists.samba.org/pipermail/netfilter/
subscribe: http://lists.samba.org/listinfo/netfilter
Best regards,
Martin Stricker
-- Homepage: http://www.martin-stricker.de/ Red Hat Linux 7.2 for low memory: http://www.freesoftware.fsf.org/rule/ Registered Linux user #210635: http://counter.li.org/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]