Is there any hope of having on Linux and Deeping a firewall that not only looks at ports (at the OS level), but blocks/manage each individual executable? Even in Linux such an approach would be useful: you never know what program may decide to communicate with the outside world without permission, or to be sure some software only goes on the intranet while anothers can access the whole Internet. It's fine to trust, but I don't see why Linux can't hope to have such support so common on windows (reading on other forums it seems due to some kernel issues).