Mailinglist Archive: opensuse (1425 mails)
| < Previous | Next > |
[opensuse] Re: Interactive Firewall Needed
- From: Jim Henderson <hendersj@xxxxxxxxx>
- Date: Fri, 8 May 2009 03:47:09 +0000 (UTC)
- Message-id: <gu09vs$toc$1@xxxxxxxxxxxxx>
On Thu, 07 May 2009 22:21:59 -0500, Rajko M. wrote:
Very true, and personally, I haven't looked at the paid version - the
free version did enough for me.
Interestingly, I received a couple of replies off-list (perhaps the
sender meant to send them on the list but didn't) suggesting that using
Wireshark was trivially simple and anyone should be able to learn to use
it.
The individual also suggested that programs that don't do a setup as a
post-installation script when the RPM is installed are developed wrong.
It seemed odd to me that (a) the idea of using a more complex piece of
software like Wireshark - which requires root privileges to do capturing
- rather than a popup that says "Application FooBar wants to talk to the
Internet, allow it?" was a good thing. I supposxe because making a
system easy to use is evil. <shrug>
I've worked with networked computers for some 20 years and have done LAN
analysis with programs and products that pretty much run the gambit, and
I certainly think Wireshark is the best of the best out there. But at
the same time, it has taken years of working with tools like that to know
without extensive research whether:
Transmission Control Protocol, Src Port: 790 (790), Dst Port: shilp
(2049), Seq: 141, Ack: 20613, Len: 0
is something I should expect or not on my network.
To ask that every person who uses a computer be trained to perform
network analysis of their applications "if they're really interested in
security" is frankly nonsense.
(b) That rather than put technological measures in place to quarantine
programs that are poorly developed, it is better to say "don't use
programs that are poorly developed" and then blame the user when one of
those programs does something unexpected or behaves badly.
To me that seems like a really bad idea.
Jim
--
Jim Henderson
Please keep on-topic replies on the list so everyone benefits
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
On Thursday 07 May 2009 09:20:05 pm Jim Henderson wrote:
So perhaps a good "solution" would be further enhancement and
simplification of the AppArmor administrative interfaces with an eye
towards making those interfaces usable for people who don't spend their
lives in front of a computer. :-)
Exactly that.
I suppressed temptation to start commenting on AppArmor configuration
module that is behind ZA approach. Once again, to see how it works, and
evaluate it one has to use paid for version. The free one is not much
more then firewall.
Very true, and personally, I haven't looked at the paid version - the
free version did enough for me.
Interestingly, I received a couple of replies off-list (perhaps the
sender meant to send them on the list but didn't) suggesting that using
Wireshark was trivially simple and anyone should be able to learn to use
it.
The individual also suggested that programs that don't do a setup as a
post-installation script when the RPM is installed are developed wrong.
It seemed odd to me that (a) the idea of using a more complex piece of
software like Wireshark - which requires root privileges to do capturing
- rather than a popup that says "Application FooBar wants to talk to the
Internet, allow it?" was a good thing. I supposxe because making a
system easy to use is evil. <shrug>
I've worked with networked computers for some 20 years and have done LAN
analysis with programs and products that pretty much run the gambit, and
I certainly think Wireshark is the best of the best out there. But at
the same time, it has taken years of working with tools like that to know
without extensive research whether:
Transmission Control Protocol, Src Port: 790 (790), Dst Port: shilp
(2049), Seq: 141, Ack: 20613, Len: 0
is something I should expect or not on my network.
To ask that every person who uses a computer be trained to perform
network analysis of their applications "if they're really interested in
security" is frankly nonsense.
(b) That rather than put technological measures in place to quarantine
programs that are poorly developed, it is better to say "don't use
programs that are poorly developed" and then blame the user when one of
those programs does something unexpected or behaves badly.
To me that seems like a really bad idea.
Jim
--
Jim Henderson
Please keep on-topic replies on the list so everyone benefits
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |