Tiny does not require many deny rules when properly configured. In fact, most of the deny rules you use will be for logging and alerting, not for blocking; we'll discuss that later on. Tiny's default behavior is to prompt you for action when it sees traffic that no rule covers. After it's fully configured, you can turn off the alerts and just have Tiny drop that traffic quietly. You only need a deny rule for traffic that would otherwise be allowed by a lower-positioned rule: the deny is an exception placed above that rule. Tiny doesn't let a packet through by default. If you aren't around to respond to the prompt, it just holds the traffic, which eventually times out, unaccepted and unanswered, and dies.
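The rule ordering described above, sketched as an added example (not part of the original FAQ and not Tiny's own code or rule format). It assumes a simplified rule with protocol, remote network and remote port range, evaluated top-down with the first match winning; the `Rule` fields, function names and sample rules are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:                      # simplified model, not Tiny's real rule format
    name: str
    action: str                  # "allow" or "deny"
    proto: str                   # "tcp", "udp" or "any"
    remote: str                  # CIDR of the remote side
    ports: tuple                 # inclusive (low, high) remote port range

    def matches(self, proto, addr, port):
        return (self.proto in ("any", proto)
                and ip_address(addr) in ip_network(self.remote)
                and self.ports[0] <= port <= self.ports[1])

    def overlaps(self, other):
        """True if some packet could match both rules."""
        return ((self.proto == other.proto or "any" in (self.proto, other.proto))
                and ip_network(self.remote).overlaps(ip_network(other.remote))
                and self.ports[0] <= other.ports[1]
                and other.ports[0] <= self.ports[1])

def decide(rules, proto, addr, port):
    """First matching rule from the top wins; with no match the packet is dropped."""
    for r in rules:
        if r.matches(proto, addr, port):
            return r.action, r.name
    return "deny", "(default)"

def classify_denies(rules):
    """'exception' if a lower allow overlaps the deny, else 'log-only':
    without the deny, that traffic would hit the default drop anyway."""
    out = {}
    for i, r in enumerate(rules):
        if r.action == "deny":
            below = [a for a in rules[i + 1:] if a.action == "allow" and r.overlaps(a)]
            out[r.name] = "exception" if below else "log-only"
    return out

# Constructed sample rule set, listed top to bottom.
RULES = [
    Rule("block-bad-smtp", "deny", "tcp", "203.0.113.0/24", (25, 25)),
    Rule("mail-out", "allow", "tcp", "0.0.0.0/0", (25, 25)),
    Rule("web-out", "allow", "tcp", "0.0.0.0/0", (80, 80)),
    Rule("log-netbios", "deny", "udp", "0.0.0.0/0", (137, 138)),
]
```

Only `block-bad-smtp` changes what gets through, because it carves an exception out of `mail-out` below it; `log-netbios` exists purely so the drop can be logged or alerted on.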
There are two other "default settings." They're adjusted with the slider in the main screen. The first is "cut me off" and is self-explanatory. It's the same as the "cut me off" setting in ZoneAlarm and other firewalls. It simply cuts your computer off from the network. The other implements a different trust model than the one we want to encourage. To understand this, consider that every time you make a firewall decision of any kind, you create a "trust model," even though you don't think of it by that name: "I trust this, but don't want to trust that..." When you install, your first decision is the overall trust model that controls every other decision you will make thereafter. There are essentially two models, "deny unless explicitly allowed" and "allow unless specifically denied." Out of the box, Tiny applies the first, most desirable model. The bottom slider setting implements the second, riskier model. The bottom setting is definitely not
by gwion edited by JMGullett
last modified: 2007-05-31 16:36:54