x-Wall-team
Corporal

 Joined: Apr 19, 2004 Posts: 50 Location: USA
|
Posted: Sat Sep 18, 2004 2:08 pm Post subject: Zone adviser |
|
|
We are planning a feature in an upcoming version, the so-called Zone Adviser.
It will help users find and set the optimal security zone for applications.
As we know, users are often confused about the proper zone setting for an application.
The new feature will include well-known application names (and/or filenames) and the corresponding (best for the application) zone names.
Every time x-Wall detects new application network activity and prompts the user to set the proper security zone, Zone Adviser will search the internal database and try to advise the most suitable zone.
For that purpose, we are trying to collect your points of view on zone settings for various applications.
Would you share your experience with us in the following form?
Application name, executable name, selected zone.
Your generalized experience will be included in the next versions.
Thank you.
|
|
|
 |
ggsearch
Special Response Team Premium Member
 Joined: Feb 09, 2004 Posts: 702 Location: Netherlands
|
|
|
 |
x-Wall-team
Corporal

 Joined: Apr 19, 2004 Posts: 50 Location: USA
|
Posted: Tue Sep 28, 2004 7:25 am Post subject: Application-to-zone export |
|
|
Thank you for the apps-to-zones list.
Probably I should become acquainted with some of them in more detail.
> How about an export program rules function.
Unfortunately, no (at least in the present version).
x-Wall guards processes (not exe files). An exe file is only a file, with no possibility of internet access (strictly speaking). So, there is no need to protect it from internet access.
Of course, each exe file generates a process with the corresponding name when you run/launch the exe file, and the process should be protected.
We should use only the process name for unique identification of the internet access requester.
However, we know of several situations where the exe-file name differs from the process it generates, or the exe file generates several processes. As a result, the exe-file name is not enough and such export functionality is useless.
|
|
|
 |
ggsearch
Special Response Team Premium Member
 Joined: Feb 09, 2004 Posts: 702 Location: Netherlands
|
Posted: Mon Oct 04, 2004 7:28 am Post subject: |
|
|
Should I continue with this list?
|
|
|
 |
x-Wall-team
Corporal

 Joined: Apr 19, 2004 Posts: 50 Location: USA
|
Posted: Mon Oct 04, 2004 7:52 am Post subject: Zone Adviser + something more |
|
|
Yes. Thank you.
But please remember that the resulting list (for Zone Adviser) will contain only a table of well-known applications.
On the other hand, the security model may differ from user to user. A zone you have chosen for an application (e.g. “EnableAll”) might not satisfy another user who prefers a more complex rule for the application.
Hint of the last week.
There are some information sources telling us about a DNS leak vulnerability (http://www.firewallleaktester.com).
One of our users advised using a special DNS zone to solve the problem. He restricted svchost access not only by TCP/UDP port 53, but also by the IP address of his primary DNS service.
If you want to add a secondary DNS server entry, just add a second DNS rule.
Later we will add a special DNS IP wizard to x-Wall’s zone manager.
Unfortunately, the solution is not universal. There could be no svchost, or even no binary with similar functionality (Win98/WinME). So it would be difficult to automate completely.
If you have a chance to test the method, it would help us to create the feature in the future.
PS: 3.0.087 is coming tomorrow.
|
|
|
 |
|
|
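The DNS zone described in the last post, modelled as an added example that is not part of the original thread and is not x-Wall's rule format or code. The `Rule` class, the default-deny evaluation and the sample flows are assumptions made for illustration; the addresses are constructed from documentation ranges.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    """One allow rule in a hypothetical per-process zone (not x-Wall's format)."""
    protocols: frozenset
    remote_port: int
    remote_nets: tuple = ()  # empty tuple means "any remote address"

    def allows(self, proto, remote_ip, remote_port):
        if proto not in self.protocols or remote_port != self.remote_port:
            return False
        if not self.remote_nets:
            return True
        ip = ipaddress.ip_address(remote_ip)
        return any(ip in net for net in self.remote_nets)

def dns_zone(resolver_ips=()):
    """One rule per resolver IP, or a single port-only rule if none are given."""
    protos = frozenset({"udp", "tcp"})
    if not resolver_ips:
        return [Rule(protos, 53)]
    return [Rule(protos, 53, (ipaddress.ip_network(ip),)) for ip in resolver_ips]

def blocked(zone, flows):
    """Default deny: a flow passes only if some rule in the zone allows it."""
    return [f for f in flows
            if not any(r.allows(f[1], f[2], f[3]) for r in zone)]

# Constructed sample flows: (process, protocol, remote IP, remote port).
FLOWS = [
    ("svchost.exe", "udp", "192.0.2.53", 53),    # primary DNS server
    ("svchost.exe", "udp", "192.0.2.54", 53),    # secondary DNS server
    ("svchost.exe", "udp", "203.0.113.10", 53),  # port 53, unknown server
    ("svchost.exe", "tcp", "203.0.113.10", 80),  # not DNS at all
]

if __name__ == "__main__":
    zones = {
        "port 53 only": dns_zone(),
        "port 53 + primary": dns_zone(["192.0.2.53"]),
        "port 53 + primary + secondary": dns_zone(["192.0.2.53", "192.0.2.54"]),
    }
    for name, zone in zones.items():
        print(name, "blocks:", [f"{f[2]}:{f[3]}" for f in blocked(zone, FLOWS)])
```

The port-only zone lets the flow to the unknown server on port 53 through, while the zones pinned to resolver addresses block it. Pinning only the primary also blocks the secondary, which is why the post says to add a second DNS rule.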