Re: Linux firewall vs. other products
Sven Burgener wrote:
> Remco van de Meent wrote:
> > Don't forget that ipchains configures a packet filter in the kernel,
> > not a 'real' firewall.
>
> It's used for dealing with packets, yes, I know. But what other types of
> firewalls are there? Pardon my ignorance, but all I know on the subject
> of 'firewall' is 'packet blocking'. :)
"Packet filter" is a "lower form" of a firewall.
"Real" (and costly) firewall can:
* detect port scanning
* when scanning/hacking is detected attacker is redirected
to "trap system" to give the system time to locate the
source of attact
* scan connections at protocol level e.g. check
if mail is transfered via a connection to smtp port
...
--
Andrzej (Andrew) A. Filip http://bigfoot.com/~anfi
anfi@bigfoot.com anfi@polbox.com anfi@sdf.lonestar.org
Postings: http://deja.com/profile.xp?author=Andrzej%20Filip
Reply to: