Application aware firewall/IPS/IDS - Ubuntu firewall Plus Plus
We have been talking about a firewall for ubuntu. This becomes more important as we mature as a platform and start looking at user-friendly applications. ZeroConf is the first one in this realm.
WHile the goal iof this specification is to have a user-fiiendly, dynamic firewall/IPS/IDS, the first task is to make ZeroConf happen - without sacrificing the security posture of Ubuntu. This specification and associated work will figure out figure out all the interactions (at the UDP/TCP) level, map out the ports required and map out the ipTables rules. Then, of course, a gui/log et al needs to be done. The question to answer is - Can we open up just ZeroConf and still maintain the security posture we are comfortable with ?
Please feel free to add your insights, thoughts and general rants. Code and firewall rules as well !
Blueprint information
- Status:
- Not started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Krishna Sankar
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- New
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by