[ previous ] [ next ] [ threads ]
 
 From:  "Brandon Holland" <brandon at cookssaw dot com>
 To:  "'Mitch \(WebCob\)'" <mitch at webcob dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] windows built in "ident"...
 Date:  Tue, 30 Dec 2003 10:58:30 -0600
You can allow IDENT based on certain IP's (say if you use a select group
of IRC servers)

And if we can add a "REJECT" you don't even have to fully allow ident
anyway.  (Leave out your IRC app as a possibly hackable component)

-----Original Message-----
From: Mitch (WebCob) [mailto:mitch at webcob dot com] 
Sent: Tuesday, December 30, 2003 2:43 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] windows built in "ident"...

this may not be in here yet... maybe it's not easy... but if someone
could
point me in the right direction that would be a start...

Other firewalls support passing requests made by certain applications...
zone alarm or black ice for example - and the parts they have integrated
with linksys routers... can detect a bogus HTTP request generated by a
program OTHER THAN Internet Explorer (like by a virus or a messenger
program
trying to circumvent the firewall) and shut them down...

They are able to detect the NAME of the application initiating the
request...

I'm thinking this is parallel to identd, but seems to be built into
windows... Does anyone know what it's called or where the protocol is
defined? Could be an interesting addition... I'd like to poke around in
this
area, but can't find where to start.

Thanks.


---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch