Godfrey,

>>Generally this is tracked on a per-program basis. The first time a
>>program initiates an outbound connection you are asked to authorize
>>it, afterwards the Firewall software remembers what has been
>>authorized. Some firewall packages offer a third 'one time'
>>authorization option as well.
>
> I figured this kind of thing would be necessary. Sounds like a royal
> pain in the butt to me, particularly if you have a complex system and
> the things you are connecting to have a degree of variability and
> hand-off the connection to other IP addresses frequently.

Actually it's not a problem at all. I'm running Kerio Personal Firewall on my WXP based notebook (until Apple releases something similar - A4 size, 1.2kg - I am stuck with a PC) and apart from that no other "security" related program such as anti-virus or anti-spyware (they are IMHO even worse than malware) is running on it.

The first time you get a connection attempt from/to an unknown program, KPF displays an alert and lets you decide whether it's legitimate. You can then set up a rule which will allow/deny the program to access a specific port/range/protocol/IP address/es (just like on a normal unix based firewall - because in fact, KPF is a unix based firewall). It also does an MD5 checksum of the actual binaries, so it's unlikely that any program trying to pretend it's something else stays unnoticed.

Needless to say I never had a security related problem with my notebook (and I use it "in the wild" quite often). And it's running at full speed because there's no "anti-whatever" to slow it down constantly (the impact of KPF is negligible). Highly recommended for all PC users (especially the older version 2.1.5). Mac users need not apply (yet).

Cheers,
Peter

--
PDML Pentax-Discuss Mail List
PDML@pdml.net
http://pdml.net/mailman/listinfo/pdml_pdml.net
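
The per-program rule check with a binary checksum that the message above describes, as an added example that is not part of the original post and is not Kerio's code. It uses SHA-256 where the post mentions MD5; the Rule fields, the decide function, the program path and all sample data are assumptions constructed for illustration.

```python
import hashlib
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    path: str      # program the rule was created for
    digest: str    # SHA-256 of the binary at authorization time
    action: str    # "allow" or "deny"
    proto: str     # "tcp" or "udp"
    network: str   # destination in CIDR form
    ports: range   # destination port range


def digest_of(binary: bytes) -> str:
    return hashlib.sha256(binary).hexdigest()


def decide(rules, path, binary, proto, dst_ip, dst_port):
    """Return "allow", "deny", "prompt" (no matching rule) or
    "prompt-changed" (binary differs from the one that was authorized)."""
    known = [r for r in rules if r.path == path]
    if not known:
        return "prompt"
    if any(r.digest != digest_of(binary) for r in known):
        return "prompt-changed"
    addr = ipaddress.ip_address(dst_ip)
    for r in known:  # first matching rule wins
        if (r.proto == proto and dst_port in r.ports
                and addr in ipaddress.ip_network(r.network)):
            return r.action
    return "prompt"


# Constructed sample data: stand-ins for binary contents and a rule set.
MAIL_V1 = b"constructed mail client image v1"
MAIL_SWAPPED = b"constructed replacement image"
MAIL = r"C:\Program Files\Mail\mail.exe"  # hypothetical path
RULES = [
    Rule(MAIL, digest_of(MAIL_V1), "deny", "tcp", "192.0.2.0/24", range(25, 26)),
    Rule(MAIL, digest_of(MAIL_V1), "allow", "tcp", "0.0.0.0/0", range(25, 26)),
    Rule(MAIL, digest_of(MAIL_V1), "allow", "tcp", "0.0.0.0/0", range(993, 994)),
]

if __name__ == "__main__":
    for args in [(MAIL, MAIL_V1, "tcp", "198.51.100.7", 993),
                 (MAIL, MAIL_V1, "tcp", "192.0.2.9", 25),
                 (MAIL, MAIL_V1, "udp", "198.51.100.7", 53),
                 (MAIL, MAIL_SWAPPED, "tcp", "198.51.100.7", 993),
                 (r"C:\Temp\new.exe", b"x", "tcp", "198.51.100.7", 80)]:
        print(args[0], args[2:], "->", decide(RULES, *args))
```

A file at an authorized path whose contents no longer hash to the stored digest is sent back to the prompt instead of inheriting the old rule, which is the checksum behaviour the message refers to.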