[Dshield] RE: this whole personal firewall debate

John Hardin johnh at aproposretail.com
Wed Jul 24 20:34:36 GMT 2002

On Wed, 2002-07-24 at 11:43, Russell Washington wrote:

> I would be in grand favor of a so-called personal firewall, topologically
> speaking, if its default behavior was to make you have to dig into it and do
> something explicitly, intentionally, and hopefully with some knowledge, to
> get it to undo its security measures.  *Without* that, it just doesn't seem
> to me to be a particularly effective security device in the aggregate.  For
> the *single informed user*, effective, yes; but not in the uninformed
> aggregate.

...which kind of supports the model I was thinking of, where the PFW
monitors traffic and where possible the local program that's involved,
then at some future time (rather than immediately) it lets the user go
to a management console where the traffic is categorized and
explanations are available (purpose, programs involved, hazards), and
the user has the option of unblocking particular blocked traffic or
blocking traffic that is being permitted.

There would not be a "permit all" button...

In other words, profile, then let the user make a decision when they're
not in "don't bother me now!" mode.

John Hardin                                   <johnh at aproposretail.com>
Internal Systems Administrator                    voice: (425) 672-1304
Apropos Retail Management Systems, Inc.             fax: (425) 672-0192
 "To disable the Internet to save EMI and Disney is the moral
  equivalent of burning down the library of Alexandria to ensure the
  livelihood of monastic scribes."
                                    -- John Ippolito of the Guggenheim
 303 days until The Matrix Reloaded
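
The profile-then-review model described in the message above, as an added sketch that is not part of the original post and is not taken from any personal-firewall product. The names `Flow`, `DeferredReviewFirewall`, `observe`, `console` and `decide`, the baseline permit set, the explanation table and the sample traffic are all assumptions constructed for illustration.

```python
from collections import Counter
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    program: str    # local program involved ("?" when it cannot be determined)
    direction: str  # "in" or "out"
    proto: str
    port: int

# Constructed explanation table for the console: (purpose, hazard).
EXPLAIN = {
    ("tcp", 80): ("web browsing (HTTP)", "low for outbound requests"),
    ("tcp", 139): ("Windows file sharing (NetBIOS)", "exposes shares to remote hosts"),
}

class DeferredReviewFirewall:
    def __init__(self, baseline=()):
        self.rules = {f: True for f in baseline}  # assumed initial permit set
        self.seen = Counter()                     # hits per traffic category

    def observe(self, flow):
        """Apply current policy silently: profile now, never prompt the user."""
        self.seen[flow] += 1
        return self.rules.get(flow, False)        # unknown traffic stays blocked

    def console(self):
        """Rows for later review: category, hits, state, purpose, hazard."""
        rows = []
        for flow, hits in self.seen.most_common():
            state = "permitted" if self.rules.get(flow, False) else "blocked"
            purpose, hazard = EXPLAIN.get((flow.proto, flow.port), ("unknown", "unknown"))
            rows.append((flow, hits, state, purpose, hazard))
        return rows

    def decide(self, flow, permit):
        """Flip one observed category; there is no wildcard or permit-all."""
        if flow not in self.seen:
            raise KeyError("only traffic that was actually observed can be changed")
        self.rules[flow] = bool(permit)

if __name__ == "__main__":
    web = Flow("browser.exe", "out", "tcp", 80)   # constructed sample traffic
    smb = Flow("?", "in", "tcp", 139)
    fw = DeferredReviewFirewall(baseline=[web])
    for f in (web, smb, smb, smb):
        fw.observe(f)
    for row in fw.console():
        print(row)
```

Because `decide` only accepts a category that already appears in the profile, every permit is tied to traffic the user can see explained in the console.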
