Nguyen Vu Hung a ?crit : > ZoneAlarm is a firewall, it is a closed source application so I don't > know much about it: Zone Alarm has quite small footprint( 20MB is > big???) but I don't know if it does anything other than monitor an > scanning the network interface. I thought that it is some kind of > heuristic algorithm In my understanding, since I've used it for years when I was using Windows, ZoneAlarm doesn't (didn't at that time) do anything more than catching connexion request and warn/ask the current user.
> but as far as I can "feel", iptables beats it in term of performance. > I've run "top" on a heavy-traffic box but iptables never shown on top. You will never see iptables in top, because it's not a processus! iptables is a command to tune the netfilter parameters, as was ipchains (pre 2.2) and ipfwadm (pre 2.0) ; netfilter is the network connexion processing (tracking, filtering, altering, ?) in Linux. It's right inside the kernel, not a processus but part of the network stack, so you will never see it in the processus list. > In fact, I think an antivirus software does more than file IO scanning. > Yep. Modern ones tend to try to do everything? From file (and boot sector and memory) scanning to as far as network *content* analysis and filtering with heuristics questionable sometimes? You know the Unix way: do one thing and do it well! But it doesn't seem to apply at all in Windows? :-( > In the first post, I have asked the same question: "Is there any fast - small > footprint - antivirus software out there? clamav can not hook Windows File IO > APIs so it is not fit home users' need. Feel free to fix me if you think I am > wrong :) > You are right on the fact it doesn't fit what end-users expect from an anti-virus: do everything auto-magically so they don't have to care of doing anything themselves? On the other side I would say that clamav, which only runs when you ask it do to so, would be enough if the Windows system were well secured by default. The same as in GNU/Linux: you can get caught by viruses too, but since everything is configured so they won't be executed auto-magically and since they have a very little space for intruding the system (only touching your personal account), there is no need for running a bloatware that will analyze every single bit of data you read/write from/to the disk! > I know that it is not good to post a Windows related question on a Linux ML. > However, looking for alternative FLOSS for WIndows is a thing I am trying to > do, for me, for my friends... But see its effects: I got more than 20 emails > until today :) > Yep. We already had this discussion before. And the conclusion was we agree to discuss about FLOSS on Windows and moving from Windows to GNU/Linux. > The problem is the User Interface and the softwares they run on the OS, not > the OS itself. Security is a reason but not all. I am sure that most of the > average users don't care about security: They have a firewall and an > antivirus software to make them feel safe, they trust the OS maker delivering > the best OS with good price to them. > Yep, it's exactly that: using firewall and antivirus software make them *feel* safe, but not being so? Sadly, people trust more their feeling than true technical arguments though? > Did I mentioned a "good price"? Oh, no, "WIndows is free", at least in > Vietnam: > cf. http://autotelic.com/windows_is_free > I'm not sure this argument will last very long, even for end-users, especially if everybody else (universities, administrations, companies, ?) is using and promoting FLOSS ! At least I hope so? ;-) -- Jean Christophe "????" ANDR? ? ? ? Responsable technique r?gional Bureau Asie-Pacifique (BAP) ? ? ? http://www.asie-pacifique.auf.org/ Agence universitaire de la Francophonie (AuF) ? ? ? http://www.auf.org/ Adresse postale : AUF, 21 L? Th?nh T?ng, T.T. Ho?n Ki?m, H? N?i, Vi?t Nam T?l. : +84 4 9331108 ? Fax : +84 4 8247383 ? Cellul. : +84 91 3248747 ? Note personnelle: merci d'?viter de m'envoyer des fichiers PowerPoint ? ? ou Word, cf http://www.gnu.org/philosophy/no-word-attachments.fr.html ? -------------- section suivante -------------- Une pi?ce jointe non texte a ?t? nettoy?e... Nom: signature.asc Type: application/pgp-signature Taille: 260 octets Desc: OpenPGP digital signature Url: http://lists.hanoilug.org/pipermail/hanoilug/attachments/20090203/148926e3/attachment.pgp
