Re: Secure 2.4.x kernel

On Fri, 21 Dec 2001, Moritz Schulte wrote:

> Phillip Hofmeister <plhofmei@svsu.edu> writes:
> > Unless you like recompiling your kernel 2 or 3 times a month I
> > wouldn't look to 2.4 for a FIREWALL kernel yet.  If you want the
> > neat features of 2.4 I would recommend installing 2.2 on the firewall
> > and another box on the internal network with 2.4
> Well, it's also worth mentioning the new features in Linux 2.4, which
> make it a more powerful kernel than Linux 2.2, especially for
> firewalls: netfilter.
> Connection tracking for example is one of the really useful features
> in netfilter.

	That is exactly the reason why I am looking to the 2.4 kernels
rather than the 2.2 kernels. The host is currently running a 2.2 kernel,
and didn't run a firewall. This isn't _too_ bad since the lab itself is
behind a corporate firewall, but recent events have made me decide that
the lab needs to be firewalled too.

	I need connection tracking to be able to deal with DCE / DFS.


