On 1/13/07, Scott G Kelly <scott at hyperthought.com> wrote:
> the 770 dev environment and see what I can do about this. If anyone else
> here is working on firewall-related stuff for the 770 (or n800) let me
> know so we can coordinate our efforts.
>
> Scott

I don't think that a firewall for the 770 is particularly needed. The only services I can think of that may be run at the moment on the average 770 user would be the Canola webserver and I believe that this can be limited to the loopback interface?

More advanced users probably run an SSH server as well. SSH can be secured by using keys instead of passwords. The very nature of the device also limits the time period an effective dictionary attack could be mounted for.

Regarding client software ports, and attacks against TCP sessions that _are already active_, I can't imagine that a firewall would make the slightest bit of difference should a person hijack a connection that is already present using a MitM attack with TCP spoofing. The connection itself is already valid, thus the firewall will have no reason to detect anything out of the ordinary.

On a machine that runs no services, the only thing a firewall is useful for is monitoring the outgoing connection attempts from various applications. Should connection attempts be made from applications not authorised, these can be detected and stopped. This is not a configuration I have often come across on Linux machines, because the problem of such trojans and viruses tends to be more Windows based.

I would argue that enabling a firewall would have more negative effects in terms of battery usage than realistic security enhancements. However, I also wouldn't imagine there is much work to be done to port iptables, or the current equivalent, given that it is in the Linux kernel by default?

Gav
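
Added example, not part of the original message or of any project mentioned in it: one way to check the exposure question raised in this thread is to list TCP listeners that are bound to something other than loopback, by parsing the Linux `/proc/net/tcp` table. The sample table, its ports and addresses are constructed, and the decoder assumes a little-endian host.

```python
import ipaddress
import struct

# Constructed sample in /proc/net/tcp layout (not captured from a real device):
# a loopback-only listener on port 8080, a wildcard listener on port 22,
# and one established outbound connection.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000 29999        0 1201
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1187
   2: 0A01A8C0:9C42 057100CB:0050 01 00000000:00000000 00:00000000 00000000 29999        0 1340
"""

TCP_LISTEN = 0x0A  # socket state code the kernel prints for listening sockets


def decode_endpoint(field):
    """Turn 'AABBCCDD:PPPP' from /proc/net/tcp into (IPv4Address, port)."""
    hex_addr, hex_port = field.split(":")
    # The address is printed as a host-order 32-bit word; on a little-endian
    # host (assumed here) repacking it as "<I" restores network byte order.
    packed = struct.pack("<I", int(hex_addr, 16))
    return ipaddress.IPv4Address(packed), int(hex_port, 16)


def exposed_listeners(table_text):
    """Return (address, port) for every listener not bound to loopback."""
    exposed = []
    for line in table_text.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 4:
            continue  # blank or truncated row
        if int(cols[3], 16) != TCP_LISTEN:
            continue  # established or closing sockets are not services
        addr, port = decode_endpoint(cols[1])
        if not addr.is_loopback:
            exposed.append((str(addr), port))
    return exposed


if __name__ == "__main__":
    for addr, port in exposed_listeners(SAMPLE):
        print(f"reachable from the network: {addr}:{port}")
```

On a real device the same function can be fed the contents of `/proc/net/tcp`; IPv6 listeners live in `/proc/net/tcp6` and are not handled here.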