[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Secure 2.4.x kernel

On Fri, 21 Dec 2001, Moritz Schulte wrote:

> Phillip Hofmeister <plhofmei@svsu.edu> writes:
> > Unless you like recompiling your kernel 2 or 3 times a month I
> > wouldn't look to 2.4 for a FIREWALL kernel yet.  If you want the
> > neat features of 2.4 I would recomend installing 2.2 on the firewall
> > and another box on the internal network with 2.4
> Well, it's also worth mentioning the new features in Linux 2.4, which
> make it a more powerful kernel than Linux 2.2, especially for
> firewalls: netfilter.
> Connection tracking for example is one of the really useful features
> in netfilter.

	That is exactly the reason why I am looking to the 2.4 kernels
rather than the 2.2 kernels. The host is currently running a 2.2 kernel,
and didnt run a firewall. This isnt _too_ bad since the lab itself is
behind a corporate firewall, but recent events have made me decided that
the lab needs to be firewalled too.

	I need connection tracking to be able to deal with DCE / DFS.


Reply to: