On Wed, Feb 28, 2018 at 6:22 PM, Taiidan@×××.com <Taiidan@×××.com> wrote:
> Is there a Windows style application layer firewall?

Windows doesn't have an "application layer firewall" as far as I know.
I believe that it does the filtering at the OS level, the same as
Linux.

Now, it is true that the UI for the Windows Firewall is typically used
to set rules on a per-application basis. However, I'm pretty sure
this can also be done with netfilter. I'm not sure if any of the more
convenient netfilter front-ends offer this capability.

> I get that it doesn't
> stop truly malicious programs

As far as I'm aware there is nothing really wrong with the Windows
Firewall. I wouldn't expect it to be any less secure than netfilter.
There is something to be said for having layers of defense and running
a firewall that isn't on the server being protected, but that is true
of both Linux and Windows. Of course the Windows implementation could
contain a bug that the Linux implementation lacks, but the reverse is
also true. Like everybody around here I prefer a FOSS implementation,
and would trust it more due to the "many eyes" philosophy, but I'd
stop short of saying that the Windows software firewall is
particularly insecure.

And of course if you want to filter based on process you have no
choice but to implement it on the host running the process. This
doesn't prevent you from also having a separate firewall at the
network perimeter either.

--
Rich