Re: Hacking a firewall
Are you sure about that?
AFAIK ipfilter can only block or allow certain packets according to source
port, destination port and various flags within the packet (but I could be
wrong!). Anyway, that is *not* stateful inspection.
-------------------------
Aviram Jenik
"Addicted to Chaos"
-------------------------
Today's quote:
Top 25 Explanations by Programmers when their programs don't work:
6. The machine seems to be broken.
----- Original Message -----
From: Jens Hellmerichs-Friedrich <jens@friedrich-net.de>
To: Aviram Jenik <aviram@securiteam.com>; Simon Martin <smartin@isys.cl>;
Debian-Firewall List <debian-firewall@lists.debian.org>
Sent: Tuesday, August 03, 1999 10:25 P Aviram
Subject: Re: Hacking a firewall
> IP-Filter (available for Linux too) supports stateful inspections !
>
> Viele Grüße
> Jens
>
> http://friedrich-net.de
>
> ----- Original Message -----
> From: Aviram Jenik <aviram@securiteam.com>
> To: Simon Martin <smartin@isys.cl>; Debian-Firewall List
> <debian-firewall@lists.debian.org>
> Sent: Tuesday, August 03, 1999 8:58 PM
> Subject: Re: Hacking a firewall
>
>
> > >
> > > 1) Comparison of Debian Vs Firewall-1
> > > My major competition here is Firewall-1. Anyone know of any comparison
> of
> > > features / robustness / weaknesses?
> >
> > FW-1 Uses stateful inspection, which is way more secure then the packet
> > filtering techniques of ipchains and others. It's not right to compare
> > between the two, because the question is cost-effectiveness. FW-1 is
must
> > more full-featured/robust/strong, etc but costs 5 digits to buy.
> >
>
>
>
> --
> To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
>
>
Reply to: