On Fri, 17 Aug 2007 19:15:06 +0100 Joe <[EMAIL PROTECTED]> wrote: [snip]
> A few points I think should be mentioned that have not yet been: > > Egress filtering in Windows personal firewalls, and finally built > into Vista, is there in response to spyware. This is not yet a > Linux problem, and is never likely to be as severe, but it will > happen when children start using Linux in significant numbers. > These firewalls also tend to monitor the originating executable, > and warn the user when its signature changes, something we would > normally associate with an IDS rather than a firewall. But on the > whole, a process with the privilege to install would also have > the privilege to disable the firewall, so it is doubtful whether > a personal firewall is of much use to a root user. It is far more There's also the point that egress filtering and monitoring executable signatures doesn't catch malware that communicates with the outside world via standard system apps / utilities using standard ports, e.g. wget or even ssh. Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver and Generator -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
