faq
flatforty
contribute
subscribe
configure
search
rdf
main
parent
thread
|
Re: Protection against Trojans?
by fler on Friday 03/May/2002, @00:56
|
btw you can block specified apps /pids / users from accessing the network with iptables's owner match support
For ex to prevent mozilla from going anywhere
iptables -A OUTPUT -m owner --cmd-owner mozilla -j DROP
you could of course do it the other way around and block all outgoing traffic by default and allow only specified apps to access the network |
|
|
The Fine Print: The following comments
are owned by whomever posted them.
( Reply )
|
Re: Protection against Trojans?
by Ian Monroe on Friday 03/May/2002, @08:13
|
So a good idea would be to have a program which blocks all outgoing traffic by default, and then prompts you to let programs access the internet or open up a port, like ZoneAlarm. It would be complicated, because it really should prompt in an anogistic fashion, whether your in KDE, gnome, console whatever. Though having a program which prompts you say, only in KDE, and requires editing a text file otherwise would still be handy.
Though is the only way it differenates programs is by their name? Couldn't someone write a trojan named Mozilla and then bypass the rules?
|
[
Reply To This | View ]
|
Re: Protection against Trojans?
by theorz on Friday 03/May/2002, @09:19
|
Yes a zonealarm type system would be nice. Guarddog is a great piece of software, but it is made to work with, ipchains and iptables. This prevents them from getting the most out of iptables. It would be nice if ipchains support is dropped in the future. Though I do not have any spyware problems with linux now, so guarddog is more than adequate for now.
|
[
Reply To This | View ]
|
|
The Fine Print: The previous
comments are owned by whomever posted them.
( Reply )
|
|
![[KDE Dot News]](http://www.kde.org/dot/Images/kdedotnews.gif)
