Hi From IRC some weeks ago. This looks good to me.
http://sourceforge.net/projects/tdifw
Thanks, James
James Tabor wrote:
Hi From IRC some weeks ago. This looks good to me.
http://sourceforge.net/projects/tdifw
Thanks, James
I've already looked into it, and spoken to the guy who wrote it. TDI isn't the best place to be sticking a firewall, it's a little high in the network stack.
I plan to implement one as an intermediate NDIS driver, however with the current state of NDIS, this isn't currently possible.
If it's still not possible when we come to needing a firewall, the TDI one will be the next best thing. Anything is better than using packet filtering via the win2k ipfltdrv.sys
I'm attaching a network model which shows where TDI sits, and where the intermediate driver would sit.
Ged.
Hi, What about these: i-safer firewall http://www.PSMKorea.co.kr http://winsockfirewall.sourceforge.net
this is a bit dated now Pseud IP Masquerade on Win32 http://www.hh.iij4u.or.jp/~yukon/soft/pipmasq/
are they any good for ReactOS.
Regards, jh
Hi jh.
I can't read the first one, it's in Korean. the second one is a big no no. Winsock it the worst possible place to have a firewall. As for the 3rd, IP Masquerading is not really what we're looking for.
What we need is a NDIS driver or something along the lines of what Alex mentioned. (which sounded very interesting) AFAIK, there is nothing out there at this level for Windows which is open source. We'll have to write our own.
Ged.
On 10/27/05, jh replies@mrnobody.uklinux.net wrote:
Hi, What about these: i-safer firewall http://www.PSMKorea.co.kr http://winsockfirewall.sourceforge.net
this is a bit dated now Pseud IP Masquerade on Win32 http://www.hh.iij4u.or.jp/~yukon/soft/pipmasq/
are they any good for ReactOS.
Regards, jh _______________________________________________ ros-general mailing list ros-general@reactos.org http://www.reactos.org/mailman/listinfo/ros-general
Hi All:
Check
Simple TDI-Based Open Source Personal Firewall for Windows NT4/2000/XP/2003
http://sourceforge.net/projects/tdifw
All the best,
YU
--- Ged Murphy gedmurphy@gmail.com wrote:
Hi jh.
I can't read the first one, it's in Korean. the second one is a big no no. Winsock it the worst possible place to have a firewall. As for the 3rd, IP Masquerading is not really what we're looking for.
What we need is a NDIS driver or something along the lines of what Alex mentioned. (which sounded very interesting) AFAIK, there is nothing out there at this level for Windows which is open source. We'll have to write our own.
Ged.
On 10/27/05, jh replies@mrnobody.uklinux.net wrote:
Hi, What about these: i-safer firewall http://www.PSMKorea.co.kr http://winsockfirewall.sourceforge.net
this is a bit dated now Pseud IP Masquerade on Win32 http://www.hh.iij4u.or.jp/~yukon/soft/pipmasq/
are they any good for ReactOS.
Regards, jh _______________________________________________ ros-general mailing list ros-general@reactos.org
http://www.reactos.org/mailman/listinfo/ros-general
ros-general mailing list ros-general@reactos.org http://www.reactos.org/mailman/listinfo/ros-general
__________________________________ Start your day with Yahoo! - Make it your home page! http://www.yahoo.com/r/hs
Hi All,
Here NDIS level project.
Simple NDIS Hooking Based Firewall for NT4/2000
http://ntdev.h1.ru/ndis_fw.zip
All the best,
YU
--- Ged Murphy gedmurphy@gmail.com wrote:
Hi jh.
I can't read the first one, it's in Korean. the second one is a big no no. Winsock it the worst possible place to have a firewall. As for the 3rd, IP Masquerading is not really what we're looking for.
What we need is a NDIS driver or something along the lines of what Alex mentioned. (which sounded very interesting) AFAIK, there is nothing out there at this level for Windows which is open source. We'll have to write our own.
Ged.
On 10/27/05, jh replies@mrnobody.uklinux.net wrote:
Hi, What about these: i-safer firewall http://www.PSMKorea.co.kr http://winsockfirewall.sourceforge.net
this is a bit dated now Pseud IP Masquerade on Win32 http://www.hh.iij4u.or.jp/~yukon/soft/pipmasq/
are they any good for ReactOS.
Regards, jh _______________________________________________ ros-general mailing list ros-general@reactos.org
http://www.reactos.org/mailman/listinfo/ros-general
ros-general mailing list ros-general@reactos.org http://www.reactos.org/mailman/listinfo/ros-general
__________________________________ Yahoo! FareChase: Search multiple travel sites in one click. http://farechase.yahoo.com
Yuri Urazov wrote:
Hi All,
Here NDIS level project.
Simple NDIS Hooking Based Firewall for NT4/2000
http://ntdev.h1.ru/ndis_fw.zip
All the best,
YU
Hi! http://ntdev.h1.ru/ndis_fw.html
From above page;
Currently all my working on ndis_fw project is stopped probably until the end of 2004. More stable version of NDIS hooking driver is included as a part of TdiFw project. See tdifw-1.3.2\addon\ndis_hk\src in downloaded zip-file.
So ndis_fw is the original source for TdiFw, now at http://sourceforge.net/projects/tdifw .
Thanks, James
Ged Murphy wrote:
Hi jh.
<snip>
the second one is a big no no. Winsock it the worst possible place to have a firewall. As for the 3rd, IP Masquerading is not really what we're looking for.
<snip>
Ged.
I have been using the i-safer firewall, so I look like having to use another one. I like the way it is so unobtrusive, no pop-up windows announcing that someone wants to ping my machine. What I don't like, is that it replies to unwanted packs, instead of staying silent.
Regards, jh
jh wrote:
I have been using the i-safer firewall, so I look like having to use another one. I like the way it is so unobtrusive, no pop-up windows announcing that someone wants to ping my machine. What I don't like, is that it replies to unwanted packs, instead of staying silent.
Will ZoneAlarm work on ROS? I know that it stays silent, ignoring "unwanted packs". I don't think it's open source, but it works well on windows.
Ralph Shumaker schrieb:
jh wrote:
I have been using the i-safer firewall, so I look like having to use another one. I like the way it is so unobtrusive, no pop-up windows announcing that someone wants to ping my machine. What I don't like, is that it replies to unwanted packs, instead of staying silent.
Will ZoneAlarm work on ROS? I know that it stays silent, ignoring "unwanted packs". I don't think it's open source, but it works well on windows.
ros-general mailing list ros-general@reactos.org http://www.reactos.org/mailman/listinfo/ros-general
Since the goal of ROS is to be binary compatible with Windows NT, I would say yes, but I also think ZoneAlarm is a horrible Firewall, there are many better Firewalls available. The best solution would be to create a new Firewall for ROS or change an existing one the way we want it, to include it in ROS.
Greets,
David Hinz
David Hinz wrote:
Ralph Shumaker schrieb:
Will ZoneAlarm work on ROS? I know that it stays silent, ignoring "unwanted packs". I don't think it's open source, but it works well on windows.
Since the goal of ROS is to be binary compatible with Windows NT, I would say yes, but I also think ZoneAlarm is a horrible Firewall, there are many better Firewalls available. The best solution would be to create a new Firewall for ROS or change an existing one the way we want it, to include it in ROS.
Considering there is no decent open source firewall available for windows, and the fact that including one is a _must_, this is exactly what we will be doing.
Ged
That's your opinion.
Do you know that on this box i've never run a firewall or a virus scanner? Occasionally i'll run a web based scanner to check suspicious files, etc. but i've never found need for a firewall/virus scanner. As long as you stay up to date and don't run questionable files you are fine. A firewall is not NEEDED as long as the OS is properly configured and working.
Richard
Ged Murphy wrote:
David Hinz wrote:
Ralph Shumaker schrieb:
Will ZoneAlarm work on ROS? I know that it stays silent, ignoring "unwanted packs". I don't think it's open source, but it works well on windows.
Since the goal of ROS is to be binary compatible with Windows NT, I would say yes, but I also think ZoneAlarm is a horrible Firewall, there are many better Firewalls available. The best solution would be to create a new Firewall for ROS or change an existing one the way we want it, to include it in ROS.
Considering there is no decent open source firewall available for windows, and the fact that including one is a _must_, this is exactly what we will be doing.
Ged
ros-general mailing list ros-general@reactos.org http://www.reactos.org/mailman/listinfo/ros-general
Richard Campbell wrote:
That's your opinion.
Do you know that on this box i've never run a firewall or a virus scanner? Occasionally i'll run a web based scanner to check suspicious files, etc. but i've never found need for a firewall/virus scanner. As long as you stay up to date and don't run questionable files you are fine. A firewall is not NEEDED as long as the OS is properly configured and working.
Richard
Many users of Windows like things that "just work." That includes virus protection and the like. While I shy away from questionable files and practices, sometimes prohibitively so, I retain a current, updated virus scanner on my machine, "just in case." People I work with aren't always as careful as I am, and I've found one or two (relatively harmless) things that way. It doesn't bother me much, but it is nice to have. Nobody's perfect.
As far as a firewall... I don't like software firewalls, but many do. They like their functionality to block things and whatnot.
Also, people just aren't careful. They don't care. They click away, and everything else. That's 70%, if not more, of the computer users that you have out there. If those people aren't protected out of the box, odds are they won't be -- and that puts the rest of us at risk, especially if they get something that can do nasty bandwidth hogging things.
When you're talking about "real" end-users, firewalls and virus software are a must. They are there to prevent the Internet from falling apart, in many ways, and while I don't like the fact that they are necessary at all, they are, and that's a result of the world we live in.
- Mike
crashfourit wrote:
I would say that the firewall needs to be integrated with the TCP/IP stack and the network API. This could give better protection for the end user, but it could come with a curse. To do this, we would need to make sure that eliminate, as much as possible, the possibility of double free and buffer overflow attacks. Also, there need to be an option to log were all the traffic is coming from or going to. In addition, it needs filter, including incoming traffic, outgoing traffic. Also, it need to be able to destignuish between trusted addapters and non-trusted addapter with various levels between them. It would also be nice to have the option to filter out most everything when the screensaver is on or after a certain user inactivity period.
I don't know about that idea, really. It pretty well completely undermines the ability of the user to make the choice, even if they are making a completely unreasonable one. It's the style of forcing things down one's neck that I just really don't get.
Other operating systems have this sort of thing built into their kernels, such as Linux and *BSD, but it's not something that has ever really been built-in to the Windows kernel, and various vendors have created their custom, third-party solutions to that. I think that perhaps the ROS firewall should be something that could be installed in the Add/Remove Components control panel, like you can add/remove features to/from Windows using. I don't think it'd actually be a bad idea to do that with a lot of things that ReactOS could come "out of the box" with. That helps do something that's great: Give the end-user a choice. If the end-user doesn't want to run the ReactOS optimized web server or the ReactOS firewall, they don't have to. They can use anything that they want in its place.
- Mike
I don't want to sound like a pedantic asshole, but can you guys stop the 7KB replies? Some of our members have 56K modems.
1) Don't use HTML 2) Don't include the reply-to-the-reply-to-the-reply-to-the-reply-to-the-reply-to-the-reply-to-the-reply-to-the-reply 3) Don't keep forwarding some .vcf attachment on and on and on.
Best regards, Alex Ionescu
crashfourit wrote:
True choice is needed, so I would add that there would need to be an option to turn off the built in firewall and install one of their choice. But I firmly believe there needs to be a built-in network logging system that is hard to tamper with by other programs that can be turned on or off by the user in the control pannel. The firewall could be set up too that way.
+1 --- Alex Ionescu ionucu@videotron.ca a écrit :
I don't want to sound like a pedantic asshole, but can you guys stop the 7KB replies? Some of our members have 56K modems.
- Don't use HTML
- Don't include the
reply-to-the-reply-to-the-reply-to-the-reply-to-the-reply-to-the-reply-to-the-reply-to-the-reply 3) Don't keep forwarding some .vcf attachment on and on and on.
Best regards, Alex Ionescu
Kind regards, Sylvain Petreolle (aka Usurp) --- --- --- --- --- --- --- --- --- --- --- --- --- Tired of a proprietary Windows on your computer ? Use free ReactOS instead ( http://www.reactos.org )
Hi Richard,
While I agree with your general statement (I don't run an antivirus/firewall myself for the same reasons), your argument and reasoning is flawed. You are assuming that all exploits that exist are patched. They are not. In fact, if you're running Windows XP patched with the latest available updates and have your RPC port open (you probably do), I can crack your machine -right now-. Without a firewall nothing will stop my exploit packet from reaching you; there is no published vulnerability for this bug. Do you use IE? I know of 4 unpatched bugs still in IE6 today that aren't "in the wild". One of them can be used to crack your system after going on a web-page. Once again, without a firewall, you'll get infected (even with one you will, but the payload wouldn't be able to do anything).
Best regards, Alex Ionescu
Richard Campbell wrote:
That's your opinion.
Do you know that on this box i've never run a firewall or a virus scanner? Occasionally i'll run a web based scanner to check suspicious files, etc. but i've never found need for a firewall/virus scanner. As long as you stay up to date and don't run questionable files you are fine. A firewall is not NEEDED as long as the OS is properly configured and working.
Richard
Ged Murphy wrote:
I'll give ya an ip if you'd like :)
Alex Ionescu wrote:
Hi Richard,
While I agree with your general statement (I don't run an antivirus/firewall myself for the same reasons), your argument and reasoning is flawed. You are assuming that all exploits that exist are patched. They are not. In fact, if you're running Windows XP patched with the latest available updates and have your RPC port open (you probably do), I can crack your machine -right now-. Without a firewall nothing will stop my exploit packet from reaching you; there is no published vulnerability for this bug. Do you use IE? I know of 4 unpatched bugs still in IE6 today that aren't "in the wild". One of them can be used to crack your system after going on a web-page. Once again, without a firewall, you'll get infected (even with one you will, but the payload wouldn't be able to do anything).
Best regards, Alex Ionescu
Richard Campbell wrote:
That's your opinion.
Do you know that on this box i've never run a firewall or a virus scanner? Occasionally i'll run a web based scanner to check suspicious files, etc. but i've never found need for a firewall/virus scanner. As long as you stay up to date and don't run questionable files you are fine. A firewall is not NEEDED as long as the OS is properly configured and working.
Richard
Ged Murphy wrote:
ros-general mailing list ros-general@reactos.org http://www.reactos.org/mailman/listinfo/ros-general
There's an old saying that goes like this: "It is better to be safe than sorry." I would like to have a superb firewall and virus scanner with the OS correctly configered. It just makes harder for something to go wrong.
Richard Campbell wrote:
I'll give ya an ip if you'd like :)
Alex Ionescu wrote:
Hi Richard,
While I agree with your general statement (I don't run an antivirus/firewall myself for the same reasons), your argument and reasoning is flawed. You are assuming that all exploits that exist are patched. They are not. In fact, if you're running Windows XP patched with the latest available updates and have your RPC port open (you probably do), I can crack your machine -right now-. Without a firewall nothing will stop my exploit packet from reaching you; there is no published vulnerability for this bug. Do you use IE? I know of 4 unpatched bugs still in IE6 today that aren't "in the wild". One of them can be used to crack your system after going on a web-page. Once again, without a firewall, you'll get infected (even with one you will, but the payload wouldn't be able to do anything).
Best regards, Alex Ionescu
Richard Campbell wrote:
That's your opinion.
Do you know that on this box i've never run a firewall or a virus scanner? Occasionally i'll run a web based scanner to check suspicious files, etc. but i've never found need for a firewall/virus scanner. As long as you stay up to date and don't run questionable files you are fine. A firewall is not NEEDED as long as the OS is properly configured and working.
Richard
Ged Murphy wrote:
ros-general mailing list ros-general@reactos.org http://www.reactos.org/mailman/listinfo/ros-general
ros-general mailing list ros-general@reactos.org http://www.reactos.org/mailman/listinfo/ros-general
crashfourit wrote:
There's an old saying that goes like this: "It is better to be safe than sorry." I would like to have a superb firewall and virus scanner with the OS correctly configered. It just makes harder for something to go wrong.
In some cases, it's kind of like the concept of mating: If you don't do it, you can't have some of the risks that come with it. However, in all honesty and seriousness, there are only a few things that you must do to be absolutely safe, and they're easy, but they aren't something that someone in today's world would probably be willing to do:
* Don't use the Internet. Unplug entirely from phone lines and networks. * Don't insert any media into your workstation, whatsoever, including from "trusted" sources. See the Sony hooplah for example.
Otherwise, if you're going to use things, use them smartly. You cannot count on the "general" public doing that, however, which is part of the reason for virus-scanners and firewalls and the like. I hide my machine behind a firewalling NAT so that nobody can get into it, not because it isn't properly configured, but because I'm not going to give someone the chance to get in where there may be another exploit lurking. Think about how many lines of code are in Windows XP and its related services and applications. I'm willing to bet, with the steady stream of updates ever-flowing from Microsoft, that there are more exploits then what is known about, be they remote, local, DoS, bugs, whatever.
Regardless, no computer is truly safe: Even if the only network that touches it is SneakerNet, people can get at it and do nasty things to it. Precautions just make sense, and they should be available if it's possible, and ultimately, the end-user should be able to exercise their right to choose what firewall/anti-virus configuration suits them.
- Mike
On Tue, 15 Nov 2005 08:47, Ged Murphy wrote:
David Hinz wrote:
Ralph Shumaker schrieb:
Will ZoneAlarm work on ROS? I know that it stays silent, ignoring "unwanted packs". I don't think it's open source, but it works well on windows.
Since the goal of ROS is to be binary compatible with Windows NT, I would say yes, but I also think ZoneAlarm is a horrible Firewall, there are many better Firewalls available. The best solution would be to create a new Firewall for ROS or change an existing one the way we want it, to include it in ROS.
Considering there is no decent open source firewall available for windows, and the fact that including one is a _must_, this is exactly what we will be doing.
I've thought occasionally, since the MS Win[9N][xT] TCP/IP stack is based on the *BSD one, that it should be possible to adapt the OpenBSD firewall/s to the MS Win-compatible TCP/IP stack. I thought of it when my Mum's MS Win05 box went online, but haven't had the time to do anything about it.
What do people think?
Wesley Parish
Ged
ros-general mailing list ros-general@reactos.org http://www.reactos.org/mailman/listinfo/ros-general
Ralph Shumaker wrote:
jh wrote:
I have been using the i-safer firewall, so I look like having to use another one. I like the way it is so unobtrusive, no pop-up windows announcing that someone wants to ping my machine. What I don't like, is that it replies to unwanted packs, instead of staying silent.
Will ZoneAlarm work on ROS? I know that it stays silent, ignoring "unwanted packs". I don't think it's open source, but it works well on windows. _______________________________________________ ros-general mailing list
I now use 'SoftPerfect Personal Firewall', it past the test at gr.com (ShieldUP page) with flying colours, totally silent.
Here are some paragraphs from their help page
SoftPerfect Personal Firewall works at the NDIS level and it is not able to determine what application is trying to access the Internet or a network resource. However, it is able to catch non-IP packets such as ARP or NETWARE.
License agreement
This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages arising from the use of this software.
Permission is granted to anyone to use this software for any purpose, excluding commercial use, and redistribute it freely.
If you wish to use the software for commercial purposes please contact us at info@softperfect.com to obtain a commercial license.
I hope that this one is not in the wrong place.
Regards, jh
-
Alex Ionescu -
crashfourit -
David Hinz -
Ged -
Ged Murphy
-
James Tabor -
jh -
Michael B. Trausch -
Ralph Shumaker -
Richard Campbell -
Sylvain Petreolle -
Wesley Parish -
Yuri Urazov