On Thu, 28 Aug 2003 07:53:49 -0700 rikona <[EMAIL PROTECTED]> uttered:
> I don't think you can get this with ANY configuration in Mandrake > because, as I understand it, iptables is NOT application-aware as are > several firewalls for Windoze. IMHO, this is a great oversight in > protecting individual computers from 'calling home', as trojans or > snoopware might do. Trojans are better checked with chkrootkit (sp?) anyway, IMHO. The problem with this so-called application awareness in something like ZoneAlarm is: what if the Trojan disguises itself as Mozilla? Or "infects" Mozilla? ZoneAlarm is a joke, but it's better than *no* joke I guess, except in the sense it might give one a false sense of security. > OTOH, I might have missed how to or what can do this. If so, perhaps > one of our experts can tell me how to do it. Briefly, for example, I > would like ONLY Opera and Mozilla to be able to use port 80 out, and > to alert me if anything else tries to use this port. How can I do > that? If you have shorewall installed (I don't so I can't check), go into Webmin and look, I'll betcha dollars to donuts that you can assign application "awareness" of some kind, but...see above. -- HaywireMac Registered Linux user #282046 Homepage: nodex.sytes.net ++++++++++++++++++++++ Remember, Grasshopper, falling down 1000 stairs begins by tripping over the first one. -- Confusion
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com