On Sun, Dec 7, 2008 at 10:26 PM, David Brown <[EMAIL PROTECTED]> wrote:
> Actually, far and away the best general purpose firewall on Windows is > the built-in windows firewall - it is *much* better than any third-party > addon (except perhaps ipfilter for windows), simply because it doesn't > have a huge baggage of extra code to slow down the system and introduce > new bugs and exploitable holes. I *strongly* disagree. The firewall built into Windows XP is an inbound firewall only. It won't prevent programs and rogue apps from "phoning home", nor will it alert of any such outbound connections. I use Sunbelt Personal Firewall (from the days it was Tiny Personal Firewall), it is lightweight and gives something very important that ipfilter can't match: PER-APPLICATION warning of inbound and outbound connections, and the ability to set rules on a per-application basis. It also controls when one application is launching another, alerting the user and allowing you to set rules "on the fly". I haven't seen that on Linux, but I admit I haven't looked at the state of Linux firewalls in a long time. The "IPTables is good enough" attitude is not very helpful, imho, as you only set general per-port or per-protocol rules, but cannot control which applications are given TCP/IP access or not. Just my $0.02 FC _______________________________________________ vbox-users mailing list [email protected] http://vbox.innotek.de/mailman/listinfo/vbox-users
