This is a discussion on Personal firewall like Zone Alarm: is it exists? within the Linux Security forums, part of the System Security and Security Related category.

ant <ant.mirabella@gmail.com> wrote:
> On 27 Nov, 16:51, Florian Diesch <die...@spamfence.net> wrote:
>> Phil Sherman <psher...@ameritech.net> wrote:
>> > ant wrote:
>> >> On 25 Nov, 14:49, General Schvantzkoph <schvantzk...@yahoo.com> wrote:
>> >>> On Sat, 24 Nov 2007 23:43:41 -0800, ant wrote:
>> >>>> Hello,
>> >>>> I'm looking for a software like Zone Alarm (personal firewall) that
>> >>>> works on Linux. Can you help me?
>> >>> Which distro are you using? Every distro that I know of has firewall
>> >>> configuration built in. In Fedora it's under the menu item system/
>> >>> administration/Firewall and SELinux.
>> >>
>> >> I'm using openSuse 10.3. I know netfilter, but I'm looking for a
>> >> personal firewall
>> >> that notifies me when an application requires access to the Internet.
>> >>
>> > That's going to be a big problem. In the Win environment, software
>> > gets installed without your knowledge or requires access to the
>> > internet when you aren't expecting it. Firewall software like Zone
>> > Alarm intercepts internet traffic and "holds" it for your
>> > approval/rejection. Linux wisely reserves maintaining the firewall to
>> > root; which means that you should send the messages to root which
>> > wouldn't show up unless you are using your system as root - a dubious
>> > practice.
>>
>> It could be done using DBus for communication with the user.
>>
>> > All Linux software I've seen has always included documentation that
>> > states what IP (or UDP) port(s) will be needed to properly use the
>> > software. I believe that most Linux administrators want to keep tight
>> > control over installed software, not make on-the-fly decisions to
>> > allow internet access to random pieces of code.
>>
>> Maybe it could be useful for some diagnostic purpose. But it can't
>> provide any protections against malicious software as it is quite easy
>> to use other harmless software to send out the data.
> [cut]
>
> Zone Alarm can do it, can't it?

I don't know much about Windows but I'm quite sure a malicious program can call your web browser or some other unsuspicious program to submit data to any internet site and ZA will not notice this.

Florian
--
<http://www.florian-diesch.de/>
-----------------------------------------------------------------------
** Hi! I'm a signature virus! Copy me into your signature, please! **
-----------------------------------------------------------------------
"Kenneth Hårstad" <kenhars@gmail.com> wrote in message
news:474937a3$1@news.broadpark.no...
> ant wrote:
>> Hello,
>>
>> I'm looking for a software like Zone Alarm (personal firewall)
>> that works on Linux. Can you help me?
>
> Check out http://www.fs-security.com/
>
> A netfilter (iptables) frontend. Easy to use:)

I use Shorewall (http://www.shorewall.net/), another iptables frontend. It is not a GUI, and requires that you know/learn just the right amount about ports and packets etc. Once you've invested the effort to master it, it will serve you perfectly.

To paraphrase Phil Sherman, you should keep track of what software is running on your system and what ports you expect it to use, and configure this in shorewall rather than make on-the-fly decisions.

Shorewall works well with ulogd, making possible a homebrew monitoring program as suggested by Wayne.

Good luck,
CC
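
The homebrew monitor mentioned in the last post, checked against the ports you expect your software to use, could look like the following. This is an added example, not code from any poster in the thread; it assumes log lines in the key=value layout written by the kernel's netfilter LOG target, and the expected-port set, log prefixes, host name and addresses in the sample are constructed.

```python
import re
from collections import Counter

# Assumption: the (protocol, destination port) pairs this host is expected to use.
EXPECTED = {("TCP", 80), ("TCP", 443), ("UDP", 53), ("UDP", 123)}

# Constructed sample input (documentation addresses), not taken from the thread.
SAMPLE_LOG = """\
Nov 27 17:02:11 box kernel: Shorewall:fw2net:ACCEPT:IN= OUT=eth0 SRC=192.168.1.10 DST=192.0.2.7 LEN=60 TTL=64 ID=4411 DF PROTO=TCP SPT=40112 DPT=443 SYN
Nov 27 17:02:15 box kernel: Shorewall:fw2net:ACCEPT:IN= OUT=eth0 SRC=192.168.1.10 DST=192.0.2.53 LEN=71 TTL=64 ID=4412 PROTO=UDP SPT=51820 DPT=53 LEN=51
Nov 27 17:03:40 box kernel: Shorewall:fw2net:ACCEPT:IN= OUT=eth0 SRC=192.168.1.10 DST=203.0.113.5 LEN=60 TTL=64 ID=4413 DF PROTO=TCP SPT=40120 DPT=6667 SYN
Nov 27 17:03:43 box kernel: Shorewall:fw2net:ACCEPT:IN= OUT=eth0 SRC=192.168.1.10 DST=203.0.113.5 LEN=60 TTL=64 ID=4414 DF PROTO=TCP SPT=40120 DPT=6667 SYN
Nov 27 17:04:02 box kernel: Shorewall:net2fw:DROP:IN=eth0 OUT= SRC=198.51.100.9 DST=192.168.1.10 LEN=60 TTL=51 ID=9 PROTO=TCP SPT=33000 DPT=22 SYN
Nov 27 17:05:00 box sshd[311]: Server listening on 0.0.0.0 port 22.
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")

def parse_line(line):
    """Return the key=value fields of a packet log line, or None for other lines."""
    fields = {}
    for key, value in FIELD.findall(line):
        # Keep the first value seen: ICMP error lines embed a second packet in [...].
        fields.setdefault(key, value)
    return fields if "PROTO" in fields and "DST" in fields else None

def unexpected_outbound(log_text, expected=EXPECTED):
    """Count locally generated packets whose (proto, dport) is not in `expected`."""
    hits = Counter()
    for line in log_text.splitlines():
        f = parse_line(line)
        # Locally generated traffic has an empty IN= and a non-empty OUT=.
        if f is None or f.get("IN") != "" or not f.get("OUT"):
            continue
        # Only TCP and UDP carry a destination port; everything else gets None.
        has_port = f["PROTO"] in ("TCP", "UDP") and f.get("DPT", "").isdigit()
        dport = int(f["DPT"]) if has_port else None
        if (f["PROTO"], dport) not in expected:
            hits[(f["PROTO"], dport, f["DST"])] += 1
    return hits

if __name__ == "__main__":
    for (proto, dport, dst), n in unexpected_outbound(SAMPLE_LOG).most_common():
        print(f"{n:4d}  {proto}/{dport} -> {dst}")
```

As Florian notes earlier in the thread, a report like this is diagnostic only: traffic sent through an already-permitted program on an expected port will not appear in it.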