[24569] in bugtraq
Re: PCFriendly DVD Backchannel
daemon@ATHENA.MIT.EDU (Martin Stricker)
Wed Mar 6 17:26:49 2002
Message-ID: <3C856418.542888CE@gmx.de>
Date: Wed, 06 Mar 2002 01:34:32 +0100
From: Martin Stricker <shugal@gmx.de>
MIME-Version: 1.0
To: Olin Sibert <wos@oxford.com>, bugtraq@securityfocus.com
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Olin Sibert wrote:
> Programs like BlackIce get almost all the way there, except they seem
> to be only port-based, not address-based. To avoid each user having
> to make all the choices, one might distribute configuration files with
> known unresirable locations already listed. It might also be possible
> for the warning to "score" the warning in some way (e.g., if the
> program is not a known browser, it's somewhat more suspicious for it
> to be talking to a web server).
>
> Have I missed sme great piece of software that does this already
> (Linux or Windows), or is this an unmet need?
Linux kernel firewalling, especially the iptables (availabe only in
kernel 2.4.*). With iptables you can even search the packets for a
string and deny/allow on that! There is a mailimg list about iptables
and netfilter:
archive: http://lists.samba.org/pipermail/netfilter/
subscribe: http://lists.samba.org/listinfo/netfilter
Best regards,
Martin Stricker
--
Homepage: http://www.martin-stricker.de/
Red Hat Linux 7.2 for low memory: http://www.freesoftware.fsf.org/rule/
Registered Linux user #210635: http://counter.li.org/
