I asked this question on the netfilter list, but didn't get any good answers. Maybe someone here can answer.
Can anyone tell me either by opinion, or preferably by scientific fact, how much more secure the stateful netfilter in the 2.4 kernel is compared to the 2.2 series firewall? Are they about the same, or are we talking an order of magnitude?
Note, I'm not talking about ipchains vs iptables; the interface to the firewall, rather I'm talking about netfilter as the kernel firewall versus whatever the 2.2 kernel filter was called. Statefulness vs statelessness.
When I specify, allow Established and Related connections in, is this
secure? Is it possible for someone to highjack an established connection?
Even with spoofed packets? What is a related connection?