Personal firewall like Zone Alarm: is it exists?

Hello,

I'm looking for a software like Zone Alarm (personal firewall)
that works on Linux. Can you help me?

ant wrote:
> Hello,
>
> I'm looking for a software like Zone Alarm (personal firewall)
> that works on Linux. Can you help me?

Check out http://www.fs-security.com/

A netfilter (iptables) frontend. Easy to use:)

mvh
Kenneth Hårstad

On Sat, 24 Nov 2007 23:43:41 -0800, ant wrote:

> Hello,
>
> I'm looking for a software like Zone Alarm (personal firewall) that
> works on Linux. Can you help me?

Which distro are you using? Every distro that I know of has firewall
configuration built in. In Fedora it's under the menu item system/
administration/Firewall and SELinux.

On 25 Nov, 14:49, General Schvantzkoph <schvantzk...@yahoo.com> wrote:
> On Sat, 24 Nov 2007 23:43:41 -0800, ant wrote:
> > Hello,
>
> > I'm looking for a software like Zone Alarm (personal firewall) that
> > works on Linux. Can you help me?
>
> Which distro are you using? Every distro that I know of has firewall
> configuration built in. In Fedora it's under the menu item system/
> administration/Firewall and SELinux.

I'm using openSuse 10.3. I know netfilter, but I'm looking for a
personal firewall
that notify me when an application requires access to the Internet.

ant wrote:
> On 25 Nov, 14:49, General Schvantzkoph <schvantzk...@yahoo.com> wrote:
>> On Sat, 24 Nov 2007 23:43:41 -0800, ant wrote:
>>> Hello,
>>> I'm looking for a software like Zone Alarm (personal firewall) that
>>> works on Linux. Can you help me?
>> Which distro are you using? Every distro that I know of has firewall
>> configuration built in. In Fedora it's under the menu item system/
>> administration/Firewall and SELinux.
>
> I'm using openSuse 10.3. I know netfilter, but I'm looking for a
> personal firewall
> that notify me when an application requires access to the Internet.

That's going to be a big problem. In the Win environment, software gets
installed without your knowledge or requires access to the internet when
you aren't expecting it. Firewall software like Zone Alarm intercepts
internet traffic and "holds" it for your approval/rejection. Linux
wisely reserves maintaining the firewall to root; which means that you
should send the messages to root which wouldn't show up unless you are
using your system as root - a dubious practice.

All Linux software I've seen has always included documentation that
states what IP (or UDP) port(s) will be needed to properly use the
software. I believe that most Linux administrators want to keep tight
control over installed software, not make on-the-fly decisions to allow
internet access to random pieces of code.

Phil Sherman

On 25 Nov, 07:43, ant <ant.mirabe...@gmail.com> wrote:
> Hello,
>
> I'm looking for a software like Zone Alarm (personal firewall)
> that works on Linux. Can you help me?

No there isn't software that works like Zone Alarm on Linux - for a
whole list of reasons, most of them in Linux's favour.

If you want a firewall, every distro I've used comes with one already,
but typically they can be tricky to tweak (and you need a good
understanding of what the default settings mean - since you're asking
the question - probably not).

Find out what you've got already.

If you have very particular requirements and are confident you can
remove AND REPLACE the current firewall properly, then try Firestarter
(google for a url).

C.

Phil Sherman wrote:

>
>
> ant wrote:
>> On 25 Nov, 14:49, General Schvantzkoph <schvantzk...@yahoo.com> wrote:
>>> On Sat, 24 Nov 2007 23:43:41 -0800, ant wrote:
>>>> Hello,
>>>> I'm looking for a software like Zone Alarm (personal firewall) that
>>>> works on Linux. Can you help me?
>>> Which distro are you using? Every distro that I know of has firewall
>>> configuration built in. In Fedora it's under the menu item system/
>>> administration/Firewall and SELinux.
>>
>> I'm using openSuse 10.3. I know netfilter, but I'm looking for a
>> personal firewall
>> that notify me when an application requires access to the Internet.
>
> That's going to be a big problem. In the Win environment, software gets
> installed without your knowledge or requires access to the internet when
> you aren't expecting it. Firewall software like Zone Alarm intercepts
> internet traffic and "holds" it for your approval/rejection. Linux
> wisely reserves maintaining the firewall to root; which means that you
> should send the messages to root which wouldn't show up unless you are
> using your system as root - a dubious practice.
>
> All Linux software I've seen has always included documentation that
> states what IP (or UDP) port(s) will be needed to properly use the
> software. I believe that most Linux administrators want to keep tight
> control over installed software, not make on-the-fly decisions to allow
> internet access to random pieces of code.
>
> Phil Sherman

I have seen one available, but I tried it out and it didn't seem to perform
as advertised. Perhaps Phil has the reason why.

I am running Mandriva Linux with its supplied firewall. Basically
the "firewalls" are frontends to iptables. One that I liked was Guarddog,
www.simonzone.com/software/guarddog/ which is for KDE only. It may be on
your installation disks.

Personally, under Windows, I found the continual prompting of ZoneAlarm a
big distraction, although it can be set to do everything automatically
(which you don't want, anyway.)

Doug.

ant wrote:
> Hello,
>
> I'm looking for a software like Zone Alarm (personal firewall)
> that works on Linux. Can you help me?

I think you can make your own. Tweak the firewall to log all
rejected packets. Have a monitor process watch the log and
pop up a dialog box to ask you if you want to allow. If yes,
the rules are tweaked in RAM (thus this session only) or both
RAM and file (iptables file used at boot time).

The port-knocking software already does this, you may be able
to adapt it to your needs.

-Wayne

Phil Sherman <psherman@ameritech.net> wrote:

> ant wrote:
>> On 25 Nov, 14:49, General Schvantzkoph <schvantzk...@yahoo.com> wrote:
>>> On Sat, 24 Nov 2007 23:43:41 -0800, ant wrote:
>>>> Hello,
>>>> I'm looking for a software like Zone Alarm (personal firewall) that
>>>> works on Linux. Can you help me?
>>> Which distro are you using? Every distro that I know of has firewall
>>> configuration built in. In Fedora it's under the menu item system/
>>> administration/Firewall and SELinux.
>>
>> I'm using openSuse 10.3. I know netfilter, but I'm looking for a
>> personal firewall
>> that notify me when an application requires access to the Internet.
>
> That's going to be a big problem. In the Win environment, software
> gets installed without your knowledge or requires access to the
> internet when you aren't expecting it. Firewall software like Zone
> Alarm intercepts internet traffic and "holds" it for your
> approval/rejection. Linux wisely reserves maintaining the firewall to
> root; which means that you should send the messages to root which
> wouldn't show up unless you are using your system as root - a dubious
> practice.

It could be done using DBus for communication with the user.


> All Linux software I've seen has always included documentation that
> states what IP (or UDP) port(s) will be needed to properly use the
> software. I believe that most Linux administrators want to keep tight
> control over installed software, not make on-the-fly decisions to
> allow internet access to random pieces of code.

Maybe it could be useful for some diagnostic purpose. But it can't
provide any protections against malicious software as it is quite easy
to use other harmless software to send out the data.


Florian
--
<http://www.florian-diesch.de/>
-----------------------------------------------------------------------
** Hi! I'm a signature virus! Copy me into your signature, please! **
-----------------------------------------------------------------------

On 27 Nov, 16:51, Florian Diesch <die...@spamfence.net> wrote:
> Phil Sherman <psher...@ameritech.net> wrote:
> > ant wrote:
> >> On 25 Nov, 14:49, General Schvantzkoph <schvantzk...@yahoo.com> wrote:
> >>> On Sat, 24 Nov 2007 23:43:41 -0800, ant wrote:
> >>>> Hello,
> >>>> I'm looking for a software like Zone Alarm (personal firewall) that
> >>>> works on Linux. Can you help me?
> >>> Which distro are you using? Every distro that I know of has firewall
> >>> configuration built in. In Fedora it's under the menu item system/
> >>> administration/Firewall and SELinux.
>
> >> I'm using openSuse 10.3. I know netfilter, but I'm looking for a
> >> personal firewall
> >> that notify me when an application requires access to the Internet.
>
> > That's going to be a big problem. In the Win environment, software
> > gets installed without your knowledge or requires access to the
> > internet when you aren't expecting it. Firewall software like Zone
> > Alarm intercepts internet traffic and "holds" it for your
> > approval/rejection. Linux wisely reserves maintaining the firewall to
> > root; which means that you should send the messages to root which
> > wouldn't show up unless you are using your system as root - a dubious
> > practice.
>
> It could be done using DBus for communication with the user.
>
> > All Linux software I've seen has always included documentation that
> > states what IP (or UDP) port(s) will be needed to properly use the
> > software. I believe that most Linux administrators want to keep tight
> > control over installed software, not make on-the-fly decisions to
> > allow internet access to random pieces of code.
>
> Maybe it could be useful for some diagnostic purpose. But it can't
> provide any protections against malicious software as it is quite easy
> to use other harmless software to send out the data.
[cut]

Zone Alarm can do it, can't it?