On Wed, 06 May 2009 21:46:54 +0200, Anders Johansson wrote:
> On Wednesday 06 May 2009 21:11:02 Jim Henderson wrote:
>> Yeah, and which is the more critical part of an OS installation, the actual OS installation, or the data that a user stores under their own username?
>> Reinstalling the OS takes, what, 45 minutes? Recovering lost data because of a rogue app can take much longer, especially on personal home systems because most users don't do backups of their data on their home machines. Yes, they should, but that's not really the point.
>
> ZoneAlarm's big idea is to protect against outgoing connections. In other words, when it steps in with its "unique" features, it's already too late.

I disagree. How many times have you (not you, Anders, but "you" in the general sense) installed a program and not known every time it opens an outbound connection? Would you expect, say, Inkscape, to need a network connection for anything?

> To prevent applications from opening illicit outgoing connections, run it with apparmor, which is capable of preventing an application from doing just about anything that you haven't previously allowed.

Hands up, all the "normal users" (not the experts in system configuration) who understand how to configure AppArmor. :-) (FWIW, AppArmor configuration is part of Novell's Certified Linux Engineer certification - the final certification in SUSE Linux certifications - considered a highly advanced topic).

> The normal iptables based firewall is enough to protect against incoming connections.

Sure. That doesn't mean you can't protect against outgoing connections as well.

Jim

--
Jim Henderson
Please keep on-topic replies on the list so everyone benefits