Cygwin and firewalls (FAQ alert)

Dave Korn dave.korn@artimi.com
Tue Jun 21 17:06:00 GMT 2005


----Original Message----
>From: Yitzchak Scott-Thoennes
>Sent: 21 June 2005 07:16

> On Mon, Jun 20, 2005 at 11:06:47PM -0700, Joshua Daniel Franklin wrote:
>> On 6/17/05, Christopher Faylor wrote:
>>>>> Why not just use the system firewall which is part of XP SP2?
>> 
>>> Joshua, do you think you could add an entry about this concerning
>>> what seems to work and what doesn't seem to work?
>> 
>> Done. http://cygwin.com/faq/faq_3.html#SEC55
>> 
>>> Although, I thought I recalled that Norton's firewall didn't work too
>>> well.
>> 
>> Me too, but it is a popular product and maybe they've improved.
>> I also thought I remembered one that never worked for anyone
>> but a quick search didn't turn up the name. I'll update the entry
>> as details emerge.
> 
> Was that ZoneAlarm?


  I've been using cygwin with many different versions of ZA for years now
and never experienced the slightest difficulty, but then again I'm not the
kind to klutzily block my own local loopback connections from accessing my
own X server when my PFW pops up a requester.  (I am deeply cynical that all
reported difficulties are in fact pilot errors.)  In contrary to what the
cygwin X faq says in point 7.6, I am running ZA free version 5.0.590.043 and
startx, xwin, and startxwin all WJFFM.

  However, there is one weakness in ZA's default configuration, and that's
that it doesn't automatically put the local loopback connection into the
trusted zone.  If you use lots of X, I'd recommend you manually create an
entry in the Firewall/Zones tab of ZA, by clicking on "Add" and choosing "IP
Address", then entering "127.0.0.1" for the address, "localhost" for the
description, and selecting the "Trusted" zone before OK'ing it.  This will
allow you to safely click "Remember" and "Allow" when you run your X server
or any of your apps and not worry about inadvertently offering an X server
to the internet-at-large.....


    cheers,
      DaveK
-- 
Can't think of a witty .sigline today....


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/



More information about the Cygwin mailing list