Jochen Schulz wrote:
And, by the way: I don't know about any "desktop firewall" like Trend
Micro's for Linux. Firewall applications for Linux take a different
approach than those for Windows and this is generally a good thing. In
short, you don't need such software when running Linux and in my opinion
you don't them on Windows either.
You wouldn't believe how many Windows programs want to talk to the
Internet, and nobody knows for sure what most of them want to talk
about. Windows from XP onwards has a built-in firewall controlling
incoming packets, but only from Vista on does it also control outgoing
packets. Most programs seem to want to upgrade themselves every time the
computer is turned on, and a security-conscious person might want to
prevent this, as there's no way a user can tell if the upgrade request
is genuine. It is safer to download the latest version from the website
and install it manually.
Another issue is that Windows viruses normally want to send lots of
email, and if you're using webmail, there's no need for the client PC
ever to send any SMTP messages. Even if you do use SMTP, it will only
ever be to one smarthost, so control of outgoing SMTP is usually a good
idea.
Viruses also masquerade as genuine programs which should be allowed to
use the Net, so most Windows 'personal firewalls' now make a quick check
of a program requesting outgoing access, and match it against a hash
which was calculated when the program was first installed and made its
first attempt to connect out.
None of this actually stops a Windows machine from getting infected, but
it tries to offer an early warning that it has happened, so the machine
doesn't keep sending a flood of spam for weeks. With no outgoing packet
control on PC or router, there is no way for the average home user to
know what his machine is getting up to.
Agreed, there's little need for an outgoing firewall for Linux, though
the restriction of packets in and out to those known to be necessary is
never a bad idea. *nix may not (yet) have viruses spread by users, but
it certainly has had worms, and I wouldn't be surprised if many Windows
viruses now look around the network to see if there are any *nix
machines running on it.
I also expect to see many more closed-source applications, mostly games,
running on *nix in the future, and some of them could well contain what
the AV vendors like to call 'potentially unwanted programs'. Not
actually keyloggers as such, but things which might log and report on
web browsing or downloading. There's a lot of (financial) connections
between legitimate software publishers and legal but aggressive and
unethical marketing companies in the Windows world, and we can expect
some spillover as Ubuntu and other distributions appeal to people like
the OP.
--
Joe
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
