How does Zonealarm check outgoing packets?

How does Zonealarm for Windows check outgoing packets to ask if you want to allow a specific _program_ to access the web?

How does it warn that a program is asking for server rights?

I'd like to see if these features could be incorporated into a unix/linux netfilter firewall but first want to understand how it's done.

I'm hoping that some on the list have an idea of how the internals work.


Reply to
Larry Alkoff
Loading thread data ...



ZA or similar programs are no good examples for firewalls. Netfilter is a packet-filter, and quite a good one, nothing more, nothing less. If you don't want a particular software to communicate via the network, deny execution of the software. Reading the manpage of chmod should offer help. If you are uncertain whether you can trust a Linux application, read the source code of it. Apart from that a packet filter acting as a separate device never can have even the slightest clue which application on another machine has created a certain packet.

The mechanisms of comminication between applications (and kernel) in Windows and Linux are totally different.

Windows internals are irrelevant in a Linux environment.


Reply to
Wolfgang Kueter Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.