[tor-talk] Open source firewall.

[BugZ]

things like peerblock are dangerous.

Why? They tend to create a false sense of security.

The common blocklists imported to peerblock merely references IP blocks 
openly registered to corps. No IP 'property' protectors worth their salt 
would limit their tracking to those IP blocks. They'd use common ISP 
connections so as to appear to be just another normal user trying to 
leech/share files etc. They are not going to connect from *.sony.com. So 
how do you address that? block every user-based ISP in the world?

While you can create your own list of IPs to block, unless you create a 
whitelist for your friends' IPs and then a block list for the entire 
world *.*.*.*, the effort needed to maintain more useful lists makes 
this impractical.

External firewalls, in routers or standalone, merely open ports. 
Application access control has to be installed on the client PC to catch 
trojans or phonehome spyware that try to use any such open ports.

On 1/19/2014 9:47 PM, TheMindwareGroup wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Windows firewall is useless.
>
> Someone should write an open source firewall, I found a couple of
> pieces of open source firewall code but they where really poor (one of
> them crashed my computer), and I found an open source program
> PeerBlock to be used to stop anti-copyright company's targeting your
> file sharing, by blocking there IP address's (in both directions).
>
> Its fast, efficient and has hardly any footprint but if it was
> actually a full firewall it would be awesome, I would rather use a
> small efficient open source program like this that I know I can count on.
>
> Such a piece of software would be a great security enhancement to Tor.
> Even just a small program to block all outgoing traffic to stop
> programs from accessing the internet directly (which would also stop
> virus's and Trojans).
>
> When I used it I was amazed to see how many IP address's get accessed
> without my knowledge, and how many other IPs that tried to access my
> computer (all strange port numbers probably virus, trojan programs).
>
> The NSA must have a hell of a job cos they dont even know if any of
> these access's where even you or not.
>
> Does anyone actually trust any of the commercial firewalls?
> And why would anyone pay for a large slow, piece of software that
> probably doesn't do a good job anyway and might have back doors?
>
> ~Shadowman
>
> ~TheMindwareGroup
> TheMindwareGroup at gmail.com PGP: 0xf4b6586f
> -----BEGIN PGP SIGNATURE-----
>
> iQEcBAEBCgAGBQJS3I4zAAoJEKcLVST0tlhvJNcH/02XoEDCGI2psjTZ77QFq+ML
> 8uLAxfnNoI8e6i3jB7r2Ijyu+ha4nFqzrrTIyv9Gto1GsFLjl6tzMDCKHfC/+omx
> cATDuQ4gRp21pmgbwqPNxFHdMlqBOPpHXFvlFDKztfAzToL8umWIrg5j/f7uVa1a
> 25yWxnaJlS7FwqCn+krLk50jBDtNKSmdVzFtskdw0fMrszuPogYLNYYa/9CNPrO8
> M+qAa8URA9U46S83XmAlJlWSNPv2pMQGARHfSfNHPb+W5txVHW32h+9KYcY+mIvz
> n7UUbAT56GCeupl1B88fjJDKUL5VmtjIcPK1omGmCni5tRi1jMMPKUKpchJVj5E=
> =aNTG
> -----END PGP SIGNATURE-----