-26

I think a security suite that encompasses the firewall, email anti-virus, file anti-virus, network security. Even if this is just a wrapper program that checks if these services status and displays it would be helpful. A button could be added to call up the appropriate program to configure/run the services. This would give an end user a single place to go for all security related inquiries. What do you think?

This is a system wide thing that should be provided by Distributions, although Linux based systems do not currently need malware detectors, although they do have firewalls ( which are always active, when the firewall is "disabled" it is actually just permitting everything )

Some distros already use a firewall using IPTables (iirc, Kubuntu does). You can otherwise download firewalls like firestarter. I personally don't think there is a need of including in the default installation if they are already in the repositories.

In my experience, the annoyances of Antivirus programs outweigh the benefits. People that don't know how to keep themselves safe on the Internet are very capable of keeping themselves unsafe no matter what protective software you install - all antivirus programs do most of the time is to add bloat to your system. Given this, and the fact that viruses on Linux aren't really an issue (for the moment?), the last thing I want is for my desktop to integrate with an antivirus, even if it isn't as annoying about it as a certain OS from Redmond.
That said, it's a perfectly valid application in its own right, but I just don't see it being much wanted in the DE itself.

sayakb wrote:You can otherwise download firewalls like firestarter.

1. Firestarter isn't developed anymore.
2. I've found that there is no simple firewall GUI for KDE4/QT4. There is a Firewall Builder, but it is not simple.

Every simple firewall application I've found needs lots of gnome/gtk dependencies. It would be nice, to have something for KDE4/QT4...

I do not find this at all needed as long KDE SC is ran by Linux, HURD, FreeBSD, SunOS or any other Unix OS.

But KDE platform and KDE apps (even KDE Workspace) is available for NT operating system what is most attacked by its flawed security functions (not because it is most used, as Linux is more used in important servers and services than NT is and if you get a important service cracked/rooted, you get every client more easier way cracked as well) and just to have this kind function as if the user would ran KDE SC on NT, it would be overdoing.

As every security application for NT has own API's, own UI and own ideas and so on. It would be huge work and I think it would go over the work what KDE SC already is.

Linux OS + GNU development tools/system files + KDE SC + other OSS applications the system is secure without need for these.

Lets focus to improve the problems and fix possible bugs in existing applications and it is easier than trying to race with crackers.

I agree with Fri13 but, it would be nice just to have a simple gui application to controll IPTables, or even make a add-on (or whatever these are called) to systemsettings (this should not be required).

stephenmac7 wrote:I agree with Fri13 but, it would be nice just to have a simple gui application to controll IPTables, or even make a add-on (or whatever these are called) to systemsettings (this should not be required).

And I agree that good firewall configuration tool would be needed for System Settings.
As IPTables tool (what is configuration tool for netfilter packet filtering what is located directly to Linux OS (=kernel)) is just too complicated for avarage users. As are all firestarter and other firewall configuration tools.

It really should be as easy than just click a application and select in/out rules for it.

But as we do not have "per-process" firewalls, just per port rules. The real security is done with other security measures. Like SELinux and AppArmor.

And for those we have started to have nicer GUI configurations.
With thouse tools we can configure a rules what files program (or library) can touch, write or read.
And as all the devices in the Unix systems are files. We could (and we do) limit access to networking with specific rules.

I believe that we could have a need for System Setting tool what would give a list of SELinux/AppArmor configs per application programs (not system programs or others as they are for root) what user has installed. User could add/remove them as well.

And easily identify and add new applications to there as example the SELinux command line tool allows to do (what is pain in the ****).

http://opendesktop.org/content/show.php?content=137789

This is the real power of KDE