Mailinglist Archive: opensuse (3100 mails)
Re: [SLE] Re: SUSE Firewall primitive shadow of ZoneAlarm in interactive user-control
- From: "Andre Truter" <andre.truter@xxxxxxxxx>
- Date: Fri, 31 Mar 2006 18:51:43 +0200
- Message-id: <173f0b9f0603310851q62de9ddaqd914307e8e34df81@xxxxxxxxxxxxxx>
On 3/31/06, Adam Tauno Williams <adam@xxxxxxxxxxxxxxxx> wrote:
>
> > I understand that the original issue was the fact that the user is
> > not being notified of which applications are trying to get outside
> > access. (Not just a user-friendly GUI for a firewall - there are many
> > out there, like Firewall Builder for instance)
> > My point is that just the fact that someone wants to know which local
> > applications want outside access tells me that they are looking in
> > the wrong place for security.
>
> You still don't get it. This isn't about looking anywhere for security.
> Applications may have perfectly legitimate reasons for opening network
> connections, so you think them just silently failing and having to grep
> syslog to find out a packet was tossed is a good thing?
>
No, why would they fail?
I never said that you should block ANY traffic going outside.
My whole point is that you should NOT focus on traffic going outwards,
but rather focus on attacks from the outside, because that is where the
bigger risk is for a Linux system.
I do not block any outgoing traffic, so why would I want to have a
pop-up informing me that application XYZ wants access to the outside
world? The app already has access.
I trust my own machine, but I do not trust all other machines, that is
why I have my firewall set up to protect my box from outside access
and not the other way around.
--
Andre Truter | Software Engineer | Registered Linux user #185282
ICQ #40935899 | AIM: trusoftzaf | http://www.trusoft.co.za
~ A dinosaur is a salamander designed to Mil Spec ~