Olin Sibert wrote: > Programs like BlackIce get almost all the way there, except they seem > to be only port-based, not address-based. To avoid each user having > to make all the choices, one might distribute configuration files with > known unresirable locations already listed. It might also be possible > for the warning to "score" the warning in some way (e.g., if the > program is not a known browser, it's somewhat more suspicious for it > to be talking to a web server). > > Have I missed sme great piece of software that does this already > (Linux or Windows), or is this an unmet need? Linux kernel firewalling, especially the iptables (availabe only in kernel 2.4.*). With iptables you can even search the packets for a string and deny/allow on that! There is a mailimg list about iptables and netfilter: archive: http://lists.samba.org/pipermail/netfilter/ subscribe: http://lists.samba.org/listinfo/netfilter Best regards, Martin Stricker -- Homepage: http://www.martin-stricker.de/ Red Hat Linux 7.2 for low memory: http://www.freesoftware.fsf.org/rule/ Registered Linux user #210635: http://counter.li.org/
