h a l f b a k e r y
Bunned. James Bunned.
add, search, annotate, link, view, overview, recent, by name, random
news, help, about, links, report a problem
or get an account
Hardware network firewalls are generally pretty good, but unfortunately they have no way of knowing what application software is sending/seeking a particular packet.
Software firewalls have better ability than hardware firewalls to determine what application is trying to communicate, but unfortunately
can be bypassed in a number of ways.
My proposal would be to have a software firewall that communicates with a hardware firewall via an encrypted method (user-settable) so that even if the software firewall is bypassed, the software bypassing it still won't be able to get outside network access (unless the user physically pushes a button on the hardware firewall to allow such access, as he might do if he needs to do a safe-mode boot).
To provide protection against application spoofing, the software firewall would use an encrypted hash function for application code using random 'salt' supplied by the firewall. Only the firewall would keep a list of what application signatures were valid--not the computer--so malware authors would have no way of knowing what signatures to spoof. To avoid having malware pop up phony 'authorization' boxes, the firewall would come with a small stick-on-keyboard assembly with a small display and 3-5 buttons. It would thus be entirely impossible for an application fake "approve" keypresses for the firewall unless it controlled a mechanical robot that could physically push its buttons.
Please log in.
If you're not logged in,
you can see what this page
looks like, but you will
not be able to add anything.
||Your details are confusing but I think the concept is solid.
Obviously for consumer marketing there's the issue of convenience, but personally I'd like some hands-on control of my software. [+]
||This would make sense if hardware firewalls were always better than software ones. Other than performance advantages there is no reason why a software firewall should not be as good as - or better than a hardware firewall.
||One problem with software firewalls is that, at least under Windows, it is possible for rogue software to bypass them. Having a combination hardware/software firewall would make such bypass more difficult, because the rogue software would have to be set up to deal with the particular encryption used for firewall/PC communications.
||If one particular combination hardware/software firewall became overly dominant in the marketplace, attackers might be able to find a vulnerability in the PC side. But if different companies' products use different methods, and none is too dominant in the marketplace, it would be harder for hackers to come up with a really good exploit.