|
||||||||||
You can allow IDENT based on certain IP's (say if you use a select group of IRC servers) And if we can add a "REJECT" you don't even have to fully allow ident anyway. (Leave out your IRC app as a possibly hackable component) -----Original Message----- From: Mitch (WebCob) [mailto:mitch at webcob dot com] Sent: Tuesday, December 30, 2003 2:43 AM To: m0n0wall at lists dot m0n0 dot ch Subject: [m0n0wall] windows built in "ident"... this may not be in here yet... maybe it's not easy... but if someone could point me in the right direction that would be a start... Other firewalls support passing requests made by certain applications... zone alarm or black ice for example - and the parts they have integrated with linksys routers... can detect a bogus HTTP request generated by a program OTHER THAN Internet Explorer (like by a virus or a messenger program trying to circumvent the firewall) and shut them down... They are able to detect the NAME of the application initiating the request... I'm thinking this is parallel to identd, but seems to be built into windows... Does anyone know what it's called or where the protocol is defined? Could be an interesting addition... I'd like to poke around in this area, but can't find where to start. Thanks. --------------------------------------------------------------------- To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch |