Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com From: "Dave Korn" To: Subject: RE: Cygwin and firewalls (FAQ alert) Date: Tue, 21 Jun 2005 16:02:28 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit In-Reply-To: <20050621061617.GA3536@efn.org> Message-ID: ----Original Message---- >From: Yitzchak Scott-Thoennes >Sent: 21 June 2005 07:16 > On Mon, Jun 20, 2005 at 11:06:47PM -0700, Joshua Daniel Franklin wrote: >> On 6/17/05, Christopher Faylor wrote: >>>>> Why not just use the system firewall which is part of XP SP2? >> >>> Joshua, do you think you could add an entry about this concerning >>> what seems to work and what doesn't seem to work? >> >> Done. http://cygwin.com/faq/faq_3.html#SEC55 >> >>> Although, I thought I recalled that Norton's firewall didn't work too >>> well. >> >> Me too, but it is a popular product and maybe they've improved. >> I also thought I remembered one that never worked for anyone >> but a quick search didn't turn up the name. I'll update the entry >> as details emerge. > > Was that ZoneAlarm? I've been using cygwin with many different versions of ZA for years now and never experienced the slightest difficulty, but then again I'm not the kind to klutzily block my own local loopback connections from accessing my own X server when my PFW pops up a requester. (I am deeply cynical that all reported difficulties are in fact pilot errors.) In contrary to what the cygwin X faq says in point 7.6, I am running ZA free version 5.0.590.043 and startx, xwin, and startxwin all WJFFM. However, there is one weakness in ZA's default configuration, and that's that it doesn't automatically put the local loopback connection into the trusted zone. If you use lots of X, I'd recommend you manually create an entry in the Firewall/Zones tab of ZA, by clicking on "Add" and choosing "IP Address", then entering "127.0.0.1" for the address, "localhost" for the description, and selecting the "Trusted" zone before OK'ing it. This will allow you to safely click "Remember" and "Allow" when you run your X server or any of your apps and not worry about inadvertently offering an X server to the internet-at-large..... cheers, DaveK -- Can't think of a witty .sigline today.... -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/