Firewall confusion
in [Suse]
|
Prev: Do I have a Virus?
Next: making an rpm package
From: Stephen Horne on 28 Dec 2009 14:47 Sorry for the repeats - usenet server glitch and retries. Probably Windows fault ;-)
From: Stephen Horne on 28 Dec 2009 15:15 On Mon, 28 Dec 2009 20:41:17 +0100, Peter K�hlmann <peter-koehlmann(a)t-online.de> wrote: >You keep on placing the "troll" on people who actually use linux and post >in a linux group and telling you why things are done less idiotic than in >windows. > >Whereas *you* are a windows user, who incidentally told us that he uses >linux too (you don't, as it is *very* obvious to see) and who keeps on >talking utter rubbish about ZoneAlarm type "firewalls" Ah - it's a definition issue. Anyone who uses software other than Linux, and especially Windows, is automatically a troll. In your mind, it has nothing to do with posting behaviour. And of course you could *never* be accused of personally making this a Linux vs. Windows religious war, eh! >And now your "professional" windows software is spamming us with three >times the same message. The problem was at the server end. I can't know that its fixed without retrying, and I didn't know the earlier attempts had got through until I recieved the dups myself. AFAIK, my ISPs usenet server isn't a Windows box. Nice to see you're always willing to spread extra FUD by broadening your accusations to include "spamming". Not very ambitious, though. Shouldn't you be calling me a Nazi paedophile by now?
From: Günther Schwarz on 28 Dec 2009 15:19 Stephen Horne wrote: > Thanks, Gunther, but this thread is long past any hope of rational > intervention. Past time for it to die - but Death is busy with his Maybe > button ;-) Well, reread it and you will find the keywords you are searching for in order to secure a linux system: iptables, selinux, apparmor (for SUSE), stateful inspection or application layer filtering. I would also add tcp- wrappers here, though these work for incoming connections only. Understanding how these work is your homework now. In case you decide to come back with further questions a more network or security related group might be appropriate. Almost nothing of this is related to SUSE linux specifically. And ignoring ill tempered posts is good practice in Usenet. PS: firestarter covers some of the things your were illustrating with zone alarm. Günther
From: Peter Köhlmann on 28 Dec 2009 15:26 Stephen Horne wrote: > On Mon, 28 Dec 2009 20:41:17 +0100, Peter Köhlmann > <peter-koehlmann(a)t-online.de> wrote: > >>You keep on placing the "troll" on people who actually use linux and >>post in a linux group and telling you why things are done less idiotic >>than in windows. >> >>Whereas *you* are a windows user, who incidentally told us that he uses >>linux too (you don't, as it is *very* obvious to see) and who keeps on >>talking utter rubbish about ZoneAlarm type "firewalls" > > Ah - it's a definition issue. Anyone who uses software other than > Linux, and especially Windows, is automatically a troll. Why then did you try to imply that you also run linux? You know, openly and blatantly lying will not exactly advance your cause. It was plainly obvious from the start that you have no knowledge about linux > In your mind, > it has nothing to do with posting behaviour. It was *you* trying to label people as trolls. People who actually use linux, and post in a linux group. Whose only "error" was to recognize your bullshit and tell you about it > And of course you could *never* be accused of personally making this a > Linux vs. Windows religious war, eh! It was you who was not smart enough to recognize when people got pissed off when you kept on promoting your imbecile ZoneAlarm type idea. There are reasons why several "ideas" from the windows world never got implemented in linux. The main reason being that it is incredibly stupid to do it that windows way >>And now your "professional" windows software is spamming us with three >>times the same message. > > The problem was at the server end. I can't know that its fixed without > retrying, and I didn't know the earlier attempts had got through until > I recieved the dups myself. Translation: You were in such a hurry... > AFAIK, my ISPs usenet server isn't a Windows box. Irrelevant > Nice to see you're always willing to spread extra FUD by broadening > your accusations to include "spamming". Not very ambitious, though. > Shouldn't you be calling me a Nazi paedophile by now? I never would want to insult those "Nazi paedophiles" -- Designed for Windows. No user serviceable parts inside. By design
From: Holger Petersen on 28 Dec 2009 15:23
Stephen Horne <sh006d3592(a)blueyonder.co.uk> writes: >And lets be honest - the ZoneAlarm approach, flawed as it is, works a >whole lot better than having no restrictions at all on which >applications can access the internet. Just take a look at: http://www.matousec.com/projects/proactive-security-challenge/results.php and admire the horrible test-Results for zonealarm: only 11% blocked of the hole test-suite on the free version even only 72% blocked with the Pro-version Yes, there are 2 (in words: tho) of 35 products which blocked 100% of the 84 Test-Cases. Imagine some hacker getting a 85th way... Yours, Holger |