Full Disclosure mailing list archives

RE: Application level firewall

From: Oliver Heinz <h1o () arago de>
Date: Fri, 17 Oct 2003 16:29:17 +0200


Hello,

you could try "delegate".

( http://wall.etl.go.jp/delegate/, or
http://www.netsw.org/net/ip/firewall/proxy/delegate/ )

Regards, Oliver Heinz
  -------------------------------------------------------------------------
 | arago,                     |  Oliver Heinz                              |
 | Institut fuer komplexes    |  Bereichsleiter Systembetrieb & Security   |
 | Datenmanagement AG         |  eMail: heinz () arago de                     |
 | Am Niddatal 3              |                                            |
 | 60488 Frankfurt am Main    |  http://www.arago.de/                      |
 | Tel: +49-69-40568-401      |  PGP-Fingerprint: a5de d4b4 46b3 4d8b 2646 |
 | Fax: +49-69-40568-111      |                   d4d0 e5fd d842 cc4e 7315 |
  -------------------------------------------------------------------------

-----Original Message-----
From: Jason Freidman [mailto:jason.full-disclosure () compnski com]
Sent: Friday, October 17, 2003 2:02 PM
To: Full-Disclosure () lists netsys com
Subject: [Full-disclosure] Application level firewall

Is there any sort of application level firewall for linux?  Something
like Zone alarm where you can trust an application?  I think that
openBSD has something that allows you to choose which system calls a
program can run.

The idea would be to restrict a bind call and connect call
using kernel
modules unless the program is in a config file.  It would
make it easier
(i would think) to lockdown a computer for outgoing
connections as well
as add a new layer of security.

--
Jason Freidman <jason.full-disclosure () compnski com>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Application level firewall Jason Freidman (Oct 17)
- Re: Application level firewall Florian Weimer (Oct 17)
- Re: Application level firewall Raj Mathur (Oct 17)
  - Re: Application level firewall fg (Oct 17)
- Re: Application level firewall Andreas Gietl (Oct 17)
- Re: Application level firewall John Leach (Oct 17)
- Re: Application level firewall Kevin Currie (Oct 17)
- <Possible follow-ups>
- RE: Application level firewall Andriy Bilous (Oct 17)
  - RE: Application level firewall Oliver Heinz (Oct 17)
- RE: Application level firewall Andriy Bilous (Oct 18)
  - RE: Application level firewall Adam Lydick (Oct 18)