shrek-m@xxxxxx schrieb:
Roger Grosswiler wrote:
But i can tell you in a bit a philosophical way, that the firewall
should be done for newbs - they connect to the internet, no firewall
(i still see this now...) and they often never remark, that their
computer is captured.
you mean here linux machines ?
No sir, windows-machines
And who has to resolve it??? Not themselves, as it is easier to
install a simple firewall than removing trojans, worms and alle the
rest of this *#%& - they trust on tools and experts and experts
writing those tools :-)
I deleted on a friends machine 7 trojans and 3 dialers, nevermind
where he was surfing :-)
i assume he had no on-access scanner.
No sir, in fact he had. But let's not talk about the age of his
signatures ;-)
was this a linux machine
a windowzer
or a windowzer behind an older linux-pc with a firewall or
squid/danguardian ?
see eg $ vi /usr/share/doc/rp-pppoe-*/configs/firewall-*
At least, i just installed him zonealarm (yes, his a windozer...),
zonealarm for linux ? no thanks, i prefer iptables.
i fact, zonealarm is for windows, i'd never run it on linux, as i have
my iptables too :-) ...but shouldn't we think about lots of users to
change from windows to linux? Shall linux always stay for "gurus"???
closed everything and explained him, how to handle that part, if a
windows comes up and tries accessing to internet. Since then, he was
clean.
OT:
hahaha :-)
if you close all eg. "generic host bla" he will run in trouble.
i have seen zonealarms allowed everything because the "newbies" allow
after a short time all applications.
result: i have a firewall, why do i have trojans/worms/etc ?
[OT reply]
i closed everything, started the apps he needs (browser, email, what
else does he need really??? -> nothing!). The advantage of the
application level gateway is, that it remarks traffic, that shouldn't be
and asks for allowing of the app or disallowing. so he surfs and gets
his mails and is happy and since then, he never ever got any more that
stuff, as he also got antivir installed, which asks him each week to
update! :-) So, hopefully he also has some DISCIPLINE and just doesn't
open the firewall or equal (according to Will Hoopers reply from yesterday.)
Roger