On Wed, Feb 28, 2018 at 6:22 PM, taii...@gmx.com <taii...@gmx.com> wrote:

> Is there a windows style application layer firewall?

Windows doesn't have an "application layer firewall" as far as I know. I believe that it does the filtering at the OS level, the same as Linux. Now, it is true that the UI for the Windows Firewall is typically used to set rules on a per-application basis. However, I'm pretty sure this can also be done with netfilter. I'm not sure if any of the more convenient netfilter front-ends offer this capability.

> I get that it doesn't stop truly malicious programs

As far as I'm aware there is nothing really wrong with the Windows Firewall. I wouldn't expect it to be any less secure than netfilter. There is something to be said for having layers of defense and running a firewall that isn't on the server being protected, but that is true of both Linux and Windows. Of course the Windows implementation could contain a bug that the Linux implementation lacks, but the reverse is also true.

Like everybody around here I prefer a FOSS implementation, and would trust it more due to the "many eyes" philosophy, but I'd stop short of saying that the Windows software firewall is particularly insecure.

And of course if you want to filter based on process you have no choice but to implement it on the host running the process. This doesn't prevent you from also having a separate firewall at the network perimeter either.

-- 
Rich
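As an added illustration of the per-application point Rich raises (this is not from the thread and not Rich's configuration): netfilter has no match on an executable's path the way the Windows Firewall UI keys rules on a program. What it does offer is matching on the uid that owns the socket (`meta skuid` in nftables, `-m owner --uid-owner` in iptables) and, on recent kernels and nftables releases, on the cgroup v2 path of the sending process (`socket cgroupv2`). Both therefore require the application to be started under a dedicated user or in a dedicated cgroup; the user name `appuser` and the cgroup path `user.slice/app-browser` below are hypothetical placeholders, and the rules are egress-only, which is the case per-application rules are usually wanted for.

```nft
# Added example, not part of the original thread: per-application egress
# filtering with nftables. netfilter cannot match an executable path; the
# closest equivalents are the socket owner's uid (meta skuid) and the
# process's cgroup v2 path (socket cgroupv2). The application must be run
# under the dedicated uid or inside the dedicated cgroup for either to apply.
# "appuser" and "user.slice/app-browser" are hypothetical placeholders.
# Load with:  nft -f appfw.nft      Inspect with:  nft list table inet appfw

table inet appfw {
    chain output {
        type filter hook output priority filter; policy accept;

        # Loopback and replies on already-accepted flows are never restricted.
        oif "lo" accept
        ct state established,related accept

        # Rule set keyed on the socket owner: the process running as "appuser"
        # may only resolve names and speak HTTPS; everything else is logged
        # and dropped, which is the detection hook a defender wants.
        meta skuid "appuser" udp dport 53 accept
        meta skuid "appuser" tcp dport 443 accept
        meta skuid "appuser" log prefix "appfw-drop-uid: " drop

        # Same policy keyed on a cgroup v2 path. "level 2" means the cgroup
        # two components deep ("user.slice/app-browser"); check that your
        # kernel and nft build support the socket cgroupv2 expression.
        socket cgroupv2 level 2 "user.slice/app-browser" tcp dport { 80, 443 } accept
        socket cgroupv2 level 2 "user.slice/app-browser" log prefix "appfw-drop-cg: " drop
    }
}
```

The important caveat is the one Rich hints at: this identifies the program by how it was launched (uid or cgroup), not by what binary it is, so a malicious process that gets itself started under the same uid or cgroup inherits the same allowances. That is also why the drop rules log with a prefix; the `appfw-drop-*` lines in the kernel log are the signal that something under that identity tried to reach a destination the policy does not cover.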