Re: [coLinux-users] coLinux as software firewall

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Henry Nestler schrieb:

> CoLinux was develop for speed and low recource consumption, not for
> security. CoLinux self as a Windows application needs access to network
> in your example. So, if you would allow coLinux the network access, then
> also all other Windows applications (bad or good) have access to the
> network in same way. Sure, you can install some tools to allow only
> coLinux the network access. But, after such setup, you not needs coLinux
> as firewall. You can than also setup your Firewall to allow only Browser
> and Mail and so on the internet access.
> 
> The answer about "force all" traffic to coLinux is no.

I dare to disagree. You can do that if you bridge the network card with 
a tap device and remove any protocol from the bridge. All communcation 
would go through colinux and get filtered and back to windows through a 
second tap device.

> For your recource questions: A Windwos Firewall and a native
> Windows-Proxy would better work. Better for the hdd space and cpu load.

Better for hdd space and cpu load, that is true. Not if configurability 
or centralised configuration comes into play. Having iptables everywhere 
  makes things easier.

> If you wish totaly security, then only a real outside hardware box
> (router) can only do it.

> An other case is, if you would surf with the Linux-Firefox inside the
> coLinux. This would be mutch saver security. Because this type of using
> coLinux you are a Linux user and inside a virtual machine.

Both of that, of course, is right.

Re: [coLinux-users] coLinux as software firewall

Run Linux on Windows or other OSes, natively.

Re: [coLinux-users] coLinux as software firewall