Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Software Troubleshooting
Fort Knox Firewall
Message
<blockquote data-quote="AtlBo" data-source="post: 714349" data-attributes="member: 32547"><p>All the home firewalls have a weakness that is hard to overcome. They don't separate svchost and the services into separate entities, each with its own ability to use Windows based components to make contact via the internet. And then all of those component applications should be further monitored (like any installed/user introduced executable) as a single unique application for any other associated activity they may have, whether or not the application ever runs standalone or of user choice. They should be monitored like any other application and then their connections listed as one of two things. For services: Windows process->associated with BITS service (etc)->connection rule. For installed programs: Program/user installed process etc.->rule. So the user should see the rules presented this way by responsible application and should be easily able to see and manage the activities of the Windows process/component process (if present) for the connection.</p><p></p><p>This is the only way we can come up with powerful enough sets of rules for normal Windows activity for firewalling to be really effective.</p><p></p><p>Comodo actually has made an effort with these things. If you follow this trail you end up realizing how cripplingly difficult it is to firewall systems that aren't properly connected formally to a network...even if it's a homegroup/whatever. So Comodo did something about that by sensing when you are connected to a new router/gateway etc. Huge for laptops. Also, the considerations for laptops about being connected public/private are not always known or understood. Comodo helps with that too. On down the line, you do end up with a crapshoot of things calling themselves svchost with the sweeping rules for their use and so on. Again, improving those would mean more refined monitoring and more refined presentation of the monitoring (in more organized and greater detail)...</p><p></p><p>What I have drawn over the last 4-5 years. Possible and practical are two very different things...</p></blockquote><p></p>
[QUOTE="AtlBo, post: 714349, member: 32547"] All the home firewalls have a weakness that is hard to overcome. They don't separate svchost and the services into separate entities, each with its own ability to use Windows based components to make contact via the internet. And then all of those component applications should be further monitored (like any installed/user introduced executable) as a single unique application for any other associated activity they may have, whether or not the application ever runs standalone or of user choice. They should be monitored like any other application and then their connections listed as one of two things. For services: Windows process->associated with BITS service (etc)->connection rule. For installed programs: Program/user installed process etc.->rule. So the user should see the rules presented this way by responsible application and should be easily able to see and manage the activities of the Windows process/component process (if present) for the connection. This is the only way we can come up with powerful enough sets of rules for normal Windows activity for firewalling to be really effective. Comodo actually has made an effort with these things. If you follow this trail you end up realizing how cripplingly difficult it is to firewall systems that aren't properly connected formally to a network...even if it's a homegroup/whatever. So Comodo did something about that by sensing when you are connected to a new router/gateway etc. Huge for laptops. Also, the considerations for laptops about being connected public/private are not always known or understood. Comodo helps with that too. On down the line, you do end up with a crapshoot of things calling themselves svchost with the sweeping rules for their use and so on. Again, improving those would mean more refined monitoring and more refined presentation of the monitoring (in more organized and greater detail)... What I have drawn over the last 4-5 years. Possible and practical are two very different things... [/QUOTE]
Insert quotes…
Verification
Post reply
Top