Mailinglist Archive: opensuse (1425 mails)
| < Previous | Next > |
Re: [opensuse] Re: Interactive Firewall Needed
- From: Anders Johansson <ajohansson@xxxxxxx>
- Date: Wed, 6 May 2009 21:46:54 +0200
- Message-id: <200905062146.55117.ajohansson@xxxxxxx>
On Wednesday 06 May 2009 21:11:02 Jim Henderson wrote:
ZoneAlarm's big idea is to protect against outgoing connections. In other
words, when it steps in with its "unique" features, it's already too late
To prevent applications from opening illicit outgoing connections, run it with
apparmor, which is capable of preventing an application from doing just about
anything that you haven't previously allowed.
The normal iptables based firewall is enough to protect against incoming
connections.
Anders
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
Yeah, and which is the more critical part of an OS installation, the
actual OS installation, or the data that a user stores under their own
username?
Reinstalling the OS takes, what, 45 minutes? Recovering lost data
because of a rogue app can take much longer, especially on personal home
systems because most users don't do backups of their data on their home
machines. Yes, they should, but that's not really the point.
ZoneAlarm's big idea is to protect against outgoing connections. In other
words, when it steps in with its "unique" features, it's already too late
To prevent applications from opening illicit outgoing connections, run it with
apparmor, which is capable of preventing an application from doing just about
anything that you haven't previously allowed.
The normal iptables based firewall is enough to protect against incoming
connections.
Anders
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |