Current thoughts are either an an intermediate NDIS driver, or implementing WFP / WSK.
 
Either way they will both operate at the lower end of the network stack for maximum security.
 
-----Original Message-----
From: crashfourit [mailto:crashfourit@gmail.com]
Sent: 15 November 2005 02:46
To: ReactOS General List
Subject: Re: [ros-general] Re: TDI-Based Open Source Personal Firewall

I would say that the firewall needs to be integrated with the TCP/IP stack and the network API.  This could give better protection for the end user, but it could come with a curse. To do this, we would need to make sure that eliminate, as much as possible, the possibility of double free and buffer overflow attacks. Also, there need to be an option to log were all the traffic is coming from or going to. In addition, it needs filter, including incoming traffic, outgoing traffic. Also, it need to be able to destignuish between trusted addapters and non-trusted addapter with various levels between them. It would also be nice to have the option to filter out most everything when the screensaver is on or after a certain user inactivity period.

Michael B. Trausch wrote:
Richard Campbell wrote:
  
That's your opinion.

Do you know that on this box i've never run a firewall or a virus
scanner?  Occasionally i'll run a web based scanner to check suspicious
files, etc. but i've never found need for a firewall/virus scanner.  As
long as you stay up to date and don't run questionable files you are
fine.  A firewall is not NEEDED as long as the OS is properly configured
and working.

Richard

    

Many users of Windows like things that "just work."  That includes virus
protection and the like.  While I shy away from questionable files and
practices, sometimes prohibitively so, I retain a current, updated virus
scanner on my machine, "just in case."  People I work with aren't always
as careful as I am, and I've found one or two (relatively harmless)
things that way.  It doesn't bother me much, but it is nice to have.
Nobody's perfect.

As far as a firewall... I don't like software firewalls, but many do.
They like their functionality to block things and whatnot.

Also, people just aren't careful.  They don't care.  They click away,
and everything else.  That's 70%, if not more, of the computer users
that you have out there.  If those people aren't protected out of the
box, odds are they won't be -- and that puts the rest of us at risk,
especially if they get something that can do nasty bandwidth hogging things.

When you're talking about "real" end-users, firewalls and virus software
are a must.  They are there to prevent the Internet from falling apart,
in many ways, and while I don't like the fact that they are necessary at
all, they are, and that's a result of the world we live in.

	- Mike

  

_______________________________________________
ros-general mailing list
ros-general@reactos.org
http://www.reactos.org/mailman/listinfo/ros-general

************************************************************************

The information contained in this message or any of its

attachments is confidential and is intended for the exclusive

use of the addressee. The information may also be legally

privileged. The views expressed may not be company policy,

but the personal views of the originator. If you are not the

addressee, any disclosure, reproduction, distribution or other

dissemination or use of this communication is strictly prohibited.

If you have received this message in error, please contact

postmaster@exideuk.co.uk

and then delete this message.


Exide Technologies is an industrial and transportation battery

producer and recycler with operations in 89 countries.

Further information can be found at www.exide.com