Current thoughts are either an an intermediate NDIS driver, or implementing WFP / WSK.

Either way they will both operate at the lower end of the network stack for maximum security.

-----Original Message----- From: crashfourit [mailto:crashfourit@gmail.com] Sent: 15 November 2005 02:46 To: ReactOS General List Subject: Re: [ros-general] Re: TDI-Based Open Source Personal Firewall

I would say that the firewall needs to be integrated with the TCP/IP stack and the network API. This could give better protection for the end user, but it could come with a curse. To do this, we would need to make sure that eliminate, as much as possible, the possibility of double free and buffer overflow attacks. Also, there need to be an option to log were all the traffic is coming from or going to. In addition, it needs filter, including incoming traffic, outgoing traffic. Also, it need to be able to destignuish between trusted addapters and non-trusted addapter with various levels between them. It would also be nice to have the option to filter out most everything when the screensaver is on or after a certain user inactivity period.

Michael B. Trausch wrote:

Richard Campbell wrote:

That's your opinion.

Do you know that on this box i've never run a firewall or a virus

scanner? Occasionally i'll run a web based scanner to check suspicious

files, etc. but i've never found need for a firewall/virus scanner. As

long as you stay up to date and don't run questionable files you are

fine. A firewall is not NEEDED as long as the OS is properly configured

and working.

Richard

Many users of Windows like things that "just work." That includes virus

protection and the like. While I shy away from questionable files and

practices, sometimes prohibitively so, I retain a current, updated virus

scanner on my machine, "just in case." People I work with aren't always

as careful as I am, and I've found one or two (relatively harmless)

things that way. It doesn't bother me much, but it is nice to have.

Nobody's perfect.

As far as a firewall... I don't like software firewalls, but many do.

They like their functionality to block things and whatnot.

Also, people just aren't careful. They don't care. They click away,

and everything else. That's 70%, if not more, of the computer users

that you have out there. If those people aren't protected out of the

box, odds are they won't be -- and that puts the rest of us at risk,

especially if they get something that can do nasty bandwidth hogging things.

When you're talking about "real" end-users, firewalls and virus software

are a must. They are there to prevent the Internet from falling apart,

in many ways, and while I don't like the fact that they are necessary at

all, they are, and that's a result of the world we live in.

- Mike

_____

_______________________________________________

ros-general mailing list

ros-general@reactos.org mailto:ros-general@reactos.org

http://www.reactos.org/mailman/listinfo/ros-general http://www.reactos.org/mailman/listinfo/ros-general

************************************************************************ The information contained in this message or any of its attachments is confidential and is intended for the exclusive use of the addressee. The information may also be legally privileged. The views expressed may not be company policy, but the personal views of the originator. If you are not the addressee, any disclosure, reproduction, distribution or other dissemination or use of this communication is strictly prohibited. If you have received this message in error, please contact postmaster@exideuk.co.uk mailto:postmaster@exideuk.co.uk and then delete this message.

Exide Technologies is an industrial and transportation battery producer and recycler with operations in 89 countries. Further information can be found at www.exide.com