| 1 |
On Wed, Feb 28, 2018 at 6:22 PM, Taiidan@×××.com <Taiidan@×××.com> wrote: |
| 2 |
> Is there a windows style application layer firewall? |
| 3 |
|
| 4 |
Windows doesn't have an "application layer firewall" as far as I know. |
| 5 |
I believe that it does the filtering at the OS level, the same as |
| 6 |
Linux. |
| 7 |
|
| 8 |
Now, it is true that the UI for the Windows Firewall is typically used |
| 9 |
to set rules on a per-application basis. However, I'm pretty sure |
| 10 |
this can also be done with netfilter. I'm not sure if any of the more |
| 11 |
convenient netfilter front-ends offer this capability. |
| 12 |
|
| 13 |
> I get that it doesn't |
| 14 |
> stop truly malicious programs |
| 15 |
|
| 16 |
As far as I'm aware there is nothing really wrong with the Windows |
| 17 |
Firewall. I wouldn't expect it to be any less secure than netfilter. |
| 18 |
There is something to be said for having layers of defense and running |
| 19 |
a firewall that isn't on the server being protected, but that is true |
| 20 |
of both Linux and Windows. Of course the Windows implementation could |
| 21 |
contain a bug that the Linux implementation lacks, but the reverse is |
| 22 |
also true. Like everybody around here I prefer a FOSS implementation, |
| 23 |
and would trust it more due to the "many eyes" philosophy, but I'd |
| 24 |
stop short of saying that the Windows software firewall is |
| 25 |
particularly insecure. |
| 26 |
|
| 27 |
And of course if you want to filter based on process you have no |
| 28 |
choice but to implement it on the host running the process. This |
| 29 |
doesn't prevent you from also having a separate firewall at the |
| 30 |
network perimeter either. |
| 31 |
|
| 32 |
-- |
| 33 |
Rich |
Archives