I would like to thank you for using DNi. I'll do my best to improve it according to your requests.
Yesterday I received this e-mail:
...it appears
that the DNi application actually runs on your Web server
(or as a
Java script downloaded from there), generating ipfwadm config
files for
my firewall machine. While it's an interesting technique,
this renders
DNi useless as a security tool for all practical purposes
for the reasons
stated below.
Like any
security-conscious sysadmin, I have serious reservations
about configuring
my firewalls (which, after all, are security tools)
using a tool
that resides on a Web server far away and not under my
supervision.
This would be a security breach of the highest order. Not
only is my
firewall config file generated by an application I don't
control (and
whose source code I cannot see), but I implicitly make it
available
to that Web site and any packet sniffers between us (and a
security
tool Web site is a GREAT target for packet sniffers).
One hopes
that this Web site is just a demo for DNi, and that the
final application
will be structured in such a way as to be used
locally and
have source-level visibility to the user; otherwise it
will remain
an interesting but impractical curiosity because of the
inherent
security issues created by its setup...
Dear user, DNi is a pilot alpha version of front end to "ipfwadm".
Currently it's implemented on Javascript,
because I think it is the
best way to test it and to reveal
it's source for public testing.
Currently I am testing different techniques
to restrict incoming traffic.
As soon as DNi will prove itself useful
tool for system administrating
I will port it to binary format: text
and graphical interfaces.
I will also add outbound traffic restrictions, traffic redirection and IP masquerading functions.
Currently I present to you DNi's latest source code.
Click here with your right mouse button and save DNi source code to disk.
If you don't fear of possible security flaw you can still use its web version.
I would like to receive your opinions on this project.
Thanks in advance.
Have a nice day.
P.S. On 23 Sep I going to serve my army service, so I will be gone for at least 1 month.
Take care !