Ros-general

ros-general@reactos.org

1048 discussions

RE: [ros-general] Re: TDI-Based Open Source Personal Firewall

by Murphy, Ged (Bolton)

> -----Original Message----- > From: Richard Campbell [mailto:eek2121@comcast.net] > Sent: 16 November 2005 22:28 > To: ReactOS General List > Subject: Re: [ros-general] Re: TDI-Based Open Source Personal Firewall > > > I'm sorry but the windows firewall is a joke. It can be > controlled from > the command line, i can even add my own rule without the user > ever knowing. Only if your administrator, which makes sense. What's the point in having a firewall if you can't configure it. In fact, you should be able to configure any firewall from the command line, and any firewall you can't, should be 'considered a joke' ************************************************************************ The information contained in this message or any of its attachments is confidential and is intended for the exclusive use of the addressee. The information may also be legally privileged. The views expressed may not be company policy, but the personal views of the originator. If you are not the addressee, any disclosure, reproduction, distribution or other dissemination or use of this communication is strictly prohibited. If you have received this message in error, please contact postmaster(a)exideuk.co.uk <mailto:postmaster@exideuk.co.uk> and then delete this message. Exide Technologies is an industrial and transportation battery producer and recycler with operations in 89 countries. Further information can be found at www.exide.com

18 years, 10 months

RE: [ros-general] Re: TDI-Based Open Source Personal Firewall

by Murphy, Ged (Bolton)

> If you pick up an exploit via a web browser a firewall isn't going to > help you anyway. I never said that it did. Re-read my original email. > The process needs > only to hook into another process, or install a rootkit, or > in the case > of windows firewall, things can be added > to the firewall 'convincing' it to not say anything. All dependant on the privileges obtained by the exploit and any escalation obtainable. > A > firewall may be > needed for those who don't know what they > are doing, but to say that EVERYONE should run a firewall is > ludicrous. As I said, I've been involved in computer security for many many years and my network is totally locked down. > I've been running firewall free for many > years and i've NEVER gotten exploited. To say an unprotected windows > box can be owned in 10 minutes isn't > true. No it's not, it's a proven fact. > All new copies of windows xp run at least sp2, which isn't > subject to the exploits the original release was. No, but it has a whole host of other vunls. It's not just the operating system though, in fact in most cases it's not the operating system which is attacked, it's the software which runs on it. What good is SP2 then? You should consider writing an article for securityfocus.com on how to protect yourself with no security. It would be the first article on this topic and I'm sure it would be a hit. ************************************************************************ The information contained in this message or any of its attachments is confidential and is intended for the exclusive use of the addressee. The information may also be legally privileged. The views expressed may not be company policy, but the personal views of the originator. If you are not the addressee, any disclosure, reproduction, distribution or other dissemination or use of this communication is strictly prohibited. If you have received this message in error, please contact postmaster(a)exideuk.co.uk <mailto:postmaster@exideuk.co.uk> and then delete this message. Exide Technologies is an industrial and transportation battery producer and recycler with operations in 89 countries. Further information can be found at www.exide.com

18 years, 10 months

Re: ros-general Digest, Vol 26, Issue 24

by Antonio Pineda

Mr. Olsen: I'm sorry you don't like the new look. Me personally, do like it more than the old one. Furthermore, it's more familiar to a newbie user coming directly from MS Windows to ReactOS, which is something good in itself. However, I believe you can always change the particular aspect thru the INI files As for your "don't care" for boot time... well, actually you should, each of us should care about booting times of our OS's, and ReactOS's developers in particular even more!!! an OS should boot as fast as posible without compromising it's security or reliability nor doing quick and dirty hacks, that's for sure. Nonetheless, 4 seconds is AWESOME!!! GREAT WORK ALEX!!! I feel so excited I'm about to put my MP3 of "Dragostea din tei" (a.k.a. "Maya-hi" or "numa iei" by some people) just to feel closer to Romania and somehow cheer you telepathically ;-) > > Message: 5 > Date: Wed, 16 Nov 2005 19:06:37 +0100 > From: "Magnus Olsen" <magnus(a)itkonsult-olsen.com> > Subject: Re: [ros-general] Re: Freeldr UI modifications > To: "ReactOS General List" <ros-general(a)reactos.org> > Message-ID: <006601c5ead8$7ce14220$6800a8c0@greatlor6xtkb5> > Content-Type: text/plain; charset="UTF-8" > > Hi, I do not like the design at all, I do not care if it take 4 sec or > curent time it takes. >

18 years, 10 months

suggestions

by Ulrikhe Lukoie

<hi> 1 http://fabrice.bellard.free.fr/qemu/download.html at this page i've seen some images to linux/freedos/so on images i think, itz good idea to put there a link to http://reactos.org/download/qemu-image-laststable.tar.gz or something like that it will help to promote! cheers.. 2 and one more suggestion - to define responsible people for different field of the project for xample - i'd like to help with translation, but i dont have any idea who can i post to! also - i'm a designer but i do not know who can i post to, for getting any info, and/or any work.. so, having project coordinators/sub-coordinators - would be good, useful and productive! thanx for any feedback to this post! </hi> -- подпись ;) //origin: От великого до смешного примерно такое же расстояние, как от исторической личности до анекдотической фигуры. .:[TEAM-HQ:xTalmud] / [TEAM:GsO] / [TEAM-HQ:appoloWT]:. ...я, и мои братья, танцующие на кончике иглы | hELLO.com | .mambo

18 years, 10 months

Firefox progress

by Ge van Geldorp

Firefox is a blocker for the 0.3.0 release, so I started working on getting it running some time ago. Although I'm not making progress as fast as I'd hoped (Firefox is a bitch to debug), there definitely is progress. You can see current state of affairs on the screenshot at http://www.reactos.nl/pics/ff3.png (125Kb). Problems recently fixed: - Menu dropdowns are shown now - Icons on the toolbar are properly shown (work done by Blight) - Menus don't only show, but actually work - When opening a web page, the menu bar would be totally blacked out. This has been fixed. - Stability improved What still needs work: - The installer reportedly doesn't work - Sometimes you need to wiggle around the mouse a little bit to get the page to render If you want to try it out for yourself, get r19269 (or later). Copy "C:\Program Files\Mozilla Firefox" and all its subdirectories from a Windows installation to your ReactOS disk, then start firefox.exe in that directory. Gé van Geldorp.

18 years, 10 months

RE: [ros-general] Re: TDI-Based Open Source Personal Firewall

by Murphy, Ged (Bolton)

You've already given out your IP : 71.48.103.59 - NEW JERSEY, FLEMINGTON, SPRINT DSL NETWORK And, by the looks of it, it's come from a private IP address : 192.168.1.2, which means your machine isn't directly connected to the internet. I would say your using either a proxy, or some form of NAT/PAT. -----Original Message----- From: Richard Campbell [mailto:eek2121@comcast.net] Sent: 16 November 2005 00:51 To: ReactOS General List Subject: Re: [ros-general] Re: TDI-Based Open Source Personal Firewall I'll give ya an ip if you'd like :) Alex Ionescu wrote: > Hi Richard, > > While I agree with your general statement (I don't run an > antivirus/firewall myself for the same reasons), your argument and > reasoning is flawed. You are assuming that all exploits that exist are > patched. They are not. In fact, if you're running Windows XP patched > with the latest available updates and have your RPC port open (you > probably do), I can crack your machine -right now-. Without a firewall > nothing will stop my exploit packet from reaching you; there is no > published vulnerability for this bug. Do you use IE? I know of 4 > unpatched bugs still in IE6 today that aren't "in the wild". One of > them can be used to crack your system after going on a web-page. Once > again, without a firewall, you'll get infected (even with one you > will, but the payload wouldn't be able to do anything). > > Best regards, > Alex Ionescu > > Richard Campbell wrote: > >> That's your opinion. >> >> Do you know that on this box i've never run a firewall or a virus >> scanner? Occasionally i'll run a web based scanner to check >> suspicious files, etc. but i've never found need for a firewall/virus >> scanner. As long as you stay up to date and don't run questionable >> files you are fine. A firewall is not NEEDED as long as the OS is >> properly configured and working. >> >> Richard >> >> >> Ged Murphy wrote: >> > > _______________________________________________ > ros-general mailing list > ros-general(a)reactos.org > http://www.reactos.org/mailman/listinfo/ros-general > _______________________________________________ ros-general mailing list ros-general(a)reactos.org http://www.reactos.org/mailman/listinfo/ros-general ************************************************************************ The information contained in this message or any of its attachments is confidential and is intended for the exclusive use of the addressee. The information may also be legally privileged. The views expressed may not be company policy, but the personal views of the originator. If you are not the addressee, any disclosure, reproduction, distribution or other dissemination or use of this communication is strictly prohibited. If you have received this message in error, please contact postmaster(a)exideuk.co.uk <mailto:postmaster@exideuk.co.uk> and then delete this message. Exide Technologies is an industrial and transportation battery producer and recycler with operations in 89 countries. Further information can be found at www.exide.com

18 years, 10 months

TDI-Based Open Source Personal Firewall

by James Tabor

Hi From IRC some weeks ago. This looks good to me. http://sourceforge.net/projects/tdifw Thanks, James

18 years, 10 months

RE: [ros-general] Re: TDI-Based Open Source Personal Firewall

by Murphy, Ged (Bolton)

I'm sorry, but that's ridiculous, I can assure you that a firewall is needed. I work in computer security, so I'm pretty sure I know how to set up a network securely. I run, amongst other things, gateway FW, AV, IDS, vunl + rootkit scanners, and I don't even have any network services switched on (apart from a honeypot in a DMZ at times for fun) I think the statistics for hooking up an unprotected Windows machine to the internet are something like 10 minutes before it becomes infected. I think I understand the angle your looking at, if you don't run any services then effectively nothing can exploit you, but his is just not true. Consider you pick up a 0 day via your web browser. This in turn loads software which contacts an IRC botnet, installing a trojan turning your machine into a zombie. That zombie can now send out whatever data it wants unchecked by an outbound checking firewall. The fact you don't use an AV means it'll probably never be picked up unless you notice traffic congestion, or happen to see it in via 'netstat -a'. This is just one scenario out of thousands. What if you actually wanted to run some services. ROS will one day be used in this manner, whether it be for web and mail servers or something else, it will certainly need a firewall to control traffic. If firewalls aren't needed, why does nearly everyone use them, and why is Cisco's PIX so popular? -----Original Message----- From: Richard Campbell [mailto:eek2121@comcast.net] Sent: 15 November 2005 01:31 To: ReactOS General List Subject: Re: [ros-general] Re: TDI-Based Open Source Personal Firewall That's your opinion. Do you know that on this box i've never run a firewall or a virus scanner? Occasionally i'll run a web based scanner to check suspicious files, etc. but i've never found need for a firewall/virus scanner. As long as you stay up to date and don't run questionable files you are fine. A firewall is not NEEDED as long as the OS is properly configured and working. Richard ************************************************************************ The information contained in this message or any of its attachments is confidential and is intended for the exclusive use of the addressee. The information may also be legally privileged. The views expressed may not be company policy, but the personal views of the originator. If you are not the addressee, any disclosure, reproduction, distribution or other dissemination or use of this communication is strictly prohibited. If you have received this message in error, please contact postmaster(a)exideuk.co.uk <mailto:postmaster@exideuk.co.uk> and then delete this message. Exide Technologies is an industrial and transportation battery producer and recycler with operations in 89 countries. Further information can be found at www.exide.com

18 years, 10 months

RE: [ros-general] Re: TDI-Based Open Source Personal Firewall

by Murphy, Ged (Bolton)

> > I've thought occasionally, since the MS Win[9N][xT] TCP/IP > stack is based on > the *BSD one, that it should be possible to adapt the OpenBSD > firewall/s to > the MS Win-compatible TCP/IP stack. I thought of it when my > Mum's MS Win05 > box went online, but haven't had the time to do anything about it. > > What do people think? IIRC, the NT stack is not based on the BSD one. It has been completley rewritten from scratch. Windows firewalls can be implemented in a few different ways. There is a winsock hook, which is quite frankly laughable in terms of security, there are several other means of hooking into the TDI and NDIS. There is also an ip filter driver which was introduced in Windows 2000 (but dropped there after). There is then the more secure, but more complex methods of writing kernel level drivers either sandwiched between NDIS as an intermediate driver, or implementing the new windows technology of Windows Filter Platform / Winsock Kernel which Alex Ionescu has brought to my attention recently. None of the above methods can be derived directly from the BSD implementation. ************************************************************************ The information contained in this message or any of its attachments is confidential and is intended for the exclusive use of the addressee. The information may also be legally privileged. The views expressed may not be company policy, but the personal views of the originator. If you are not the addressee, any disclosure, reproduction, distribution or other dissemination or use of this communication is strictly prohibited. If you have received this message in error, please contact postmaster(a)exideuk.co.uk <mailto:postmaster@exideuk.co.uk> and then delete this message. Exide Technologies is an industrial and transportation battery producer and recycler with operations in 89 countries. Further information can be found at www.exide.com

18 years, 10 months

RE: [ros-general] Re: TDI-Based Open Source Personal Firewall

by Murphy, Ged (Bolton)

Current thoughts are either an an intermediate NDIS driver, or implementing WFP / WSK. Either way they will both operate at the lower end of the network stack for maximum security. -----Original Message----- From: crashfourit [mailto:crashfourit@gmail.com] Sent: 15 November 2005 02:46 To: ReactOS General List Subject: Re: [ros-general] Re: TDI-Based Open Source Personal Firewall I would say that the firewall needs to be integrated with the TCP/IP stack and the network API. This could give better protection for the end user, but it could come with a curse. To do this, we would need to make sure that eliminate, as much as possible, the possibility of double free and buffer overflow attacks. Also, there need to be an option to log were all the traffic is coming from or going to. In addition, it needs filter, including incoming traffic, outgoing traffic. Also, it need to be able to destignuish between trusted addapters and non-trusted addapter with various levels between them. It would also be nice to have the option to filter out most everything when the screensaver is on or after a certain user inactivity period. Michael B. Trausch wrote: Richard Campbell wrote: That's your opinion. Do you know that on this box i've never run a firewall or a virus scanner? Occasionally i'll run a web based scanner to check suspicious files, etc. but i've never found need for a firewall/virus scanner. As long as you stay up to date and don't run questionable files you are fine. A firewall is not NEEDED as long as the OS is properly configured and working. Richard Many users of Windows like things that "just work." That includes virus protection and the like. While I shy away from questionable files and practices, sometimes prohibitively so, I retain a current, updated virus scanner on my machine, "just in case." People I work with aren't always as careful as I am, and I've found one or two (relatively harmless) things that way. It doesn't bother me much, but it is nice to have. Nobody's perfect. As far as a firewall... I don't like software firewalls, but many do. They like their functionality to block things and whatnot. Also, people just aren't careful. They don't care. They click away, and everything else. That's 70%, if not more, of the computer users that you have out there. If those people aren't protected out of the box, odds are they won't be -- and that puts the rest of us at risk, especially if they get something that can do nasty bandwidth hogging things. When you're talking about "real" end-users, firewalls and virus software are a must. They are there to prevent the Internet from falling apart, in many ways, and while I don't like the fact that they are necessary at all, they are, and that's a result of the world we live in. - Mike _____ _______________________________________________ ros-general mailing list ros-general(a)reactos.org <mailto:ros-general@reactos.org> http://www.reactos.org/mailman/listinfo/ros-general <http://www.reactos.org/mailman/listinfo/ros-general> ************************************************************************ The information contained in this message or any of its attachments is confidential and is intended for the exclusive use of the addressee. The information may also be legally privileged. The views expressed may not be company policy, but the personal views of the originator. If you are not the addressee, any disclosure, reproduction, distribution or other dissemination or use of this communication is strictly prohibited. If you have received this message in error, please contact postmaster(a)exideuk.co.uk <mailto:postmaster@exideuk.co.uk> and then delete this message. Exide Technologies is an industrial and transportation battery producer and recycler with operations in 89 countries. Further information can be found at www.exide.com

18 years, 10 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

Ros-general