15 Nov
2005
15 Nov
'05
10:18 p.m.
David Hinz wrote:
[snip]
I think this is hard, but it will make it much harder for worms to
spread, as they don't have the chance to deactivate our securitysuite
and so they will be detected within two days and if they try to
shutdown the securitysuite they have no chance to spread. That would
be more secure than any other existing OS.
I think that this may be a little bit beyond hard. I'm not a developer,
per se, but I can understand a great deal of what would go into things.
Creating a firewall "service" isn't a bad idea at all -- this allows
the user to enable/disable it and choose something else, if they want.
But I fail to see how you expect the OS kernel to work to verify that
the end user is what created the action to disable the service, since
the kernel is pretty far away, relatively speaking, from the GUI and
additional software that's used to interface with the system software.
It could be done a la WinXP SP2 where a popup window comes up when
ReactOS detects that there isn't something running to protect the user,
which could be disabled by the user at will. I think that's good,
because it gives the user even more choices, and ReactOS would be able
to watch more then just its own modules/services that way.
I'd hate to think what would happen if the user had some different means
of controlling the running services on the workstation or server, and
ReactOS interpreted its shutdown of the "Security Suite" as a malicious
act and then blocked the user from the entire machine, especially if
they're remotely working on it.
In a nutshell, it would be more secure then any existing OS, sort of.
But I don't count any potential for a DoS to be a security plus.
- Mike
--
Michael B. Trausch fd0man(a)gmail.com
AIM: MB Trausch Jabber: mtrausch(a)jabber.com