True choice is needed, so I would add that there would need to be an option to turn off the built in firewall and install one of their choice. But I firmly believe there needs to be a built-in network logging system that is hard to tamper with by other programs that can be turned on or off by the user in the control pannel. The firewall could be set up too that way.

Michael B. Trausch wrote:
crashfourit wrote:
  
I would say that the firewall needs to be integrated with the TCP/IP 
stack and the network API.  This could give better protection for the
 end user, but it could come with a curse. To do this, we would need
to make sure that eliminate, as much as possible, the possibility of
double free and buffer overflow attacks. Also, there need to be an
option to log were all the traffic is coming from or going to. In
addition, it needs filter, including incoming traffic, outgoing
traffic. Also, it need to be able to destignuish between trusted
addapters and non-trusted addapter with various levels between them.
It would also be nice to have the option to filter out most
everything when the screensaver is on or after a certain user
inactivity period.

    

I don't know about that idea, really.  It pretty well completely
undermines the ability of the user to make the choice, even if they are
making a completely unreasonable one.  It's the style of forcing things
down one's neck that I just really don't get.

Other operating systems have this sort of thing built into their
kernels, such as Linux and *BSD, but it's not something that has ever
really been built-in to the Windows kernel, and various vendors have
created their custom, third-party solutions to that.  I think that
perhaps the ROS firewall should be something that could be installed in
the Add/Remove Components control panel, like you can add/remove
features to/from Windows using.  I don't think it'd actually be a bad
idea to do that with a lot of things that ReactOS could come "out of the
box" with.  That helps do something that's great:  Give the end-user a
choice.  If the end-user doesn't want to run the ReactOS optimized web
server or the ReactOS firewall, they don't have to.  They can use
anything that they want in its place.

	- Mike

  

_______________________________________________
ros-general mailing list
ros-general@reactos.org
http://www.reactos.org/mailman/listinfo/ros-general