Re: How does Zonealarm check outgoing packets?

Larry Alkoff wrote:

> How does Zonealarm for Windows check outgoing packets to ask if you
> want to allow a specific _program_ to access the web?

UTSL
 
> How does it warn that a program is asking for server rights?

UTSL

> I'd like to see if these features could be incorporated into a
> unix/linux netfilter firewall

ZA or similar programs are no good examples for firewalls. Netfilter is a
packet-filter, and quite a good one, nothing more, nothing less. If you
don't want a particular software to communicate via the network, deny
execution of the software. Reading the manpage of chmod should offer help.
If you are uncertain whether you can trust a Linux application, read the
source code of it. Apart from that a packet filter acting as a separate
device never can have even the slightest clue which application on another
machine has created a certain packet.

> but first want to understand how it's done.

The mechanisms of comminication between applications (and kernel) in Windows
and Linux are totally different.

> I'm hoping that some on the list have an idea of how the internals
> work.

Windows internals are irrelevant in a Linux environment.

Wolfgang
Received on Thu Sep 29 19:53:30 2005