Re: [fw-wiz] Use of single port aggregations to enhance security



I thought *every* operating system follows the rule "apply
packet filtering first, bring interfaces up later" nowadays?

On Wed, Jan 06, 2010 at 06:12:46AM +1100, Darren Reed wrote:
So what difference can this make?

If you're using an operating system based firewall (Linux,
BSD, Solaris), then depending on the order of the operating
system enabling firewall capabilities vs networking, there
may be windows where packets are able to reach code paths
that they weren't intended for because NIC drivers start
servicing packets quite early.

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
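
An added example, not part of the original thread: a check for the boot-ordering window described above, assuming a Linux host with systemd, where a unit that must run before any interface is configured orders itself before network-pre.target and pulls that target in. The unit texts, the nft command line and the function names are constructed for illustration.

```python
# Constructed sample units (assumptions, not from the thread): WEAK loads its
# rules only after networking is up, HARDENED loads them before interfaces.
WEAK_UNIT = """\
[Unit]
Description=Load packet filter rules (constructed example)
After=network.target

[Service]
Type=oneshot
ExecStart=/usr/sbin/nft -f /etc/nftables.conf
"""
HARDENED_UNIT = """\
[Unit]
Description=Load packet filter rules (constructed example)
Wants=network-pre.target
Before=network-pre.target

[Service]
Type=oneshot
ExecStart=/usr/sbin/nft -f /etc/nftables.conf
"""

NETWORK_TARGETS = {"network.target", "network-online.target"}

def unit_deps(text):
    """Collect space-separated values of [Unit] keys; repeated keys accumulate."""
    deps, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif section == "Unit" and "=" in line and not line.startswith(("#", ";")):
            key, value = line.split("=", 1)
            deps.setdefault(key.strip(), set()).update(value.split())
    return deps

def ordering_findings(text):
    """Return reasons why this unit can leave interfaces up without filtering."""
    deps = unit_deps(text)
    findings = []
    if "network-pre.target" not in deps.get("Before", set()):
        findings.append("not ordered Before=network-pre.target")
    if "network-pre.target" not in deps.get("Wants", set()):
        findings.append("network-pre.target not pulled in with Wants=")
    late = deps.get("After", set()) & NETWORK_TARGETS
    if late:
        findings.append("ordered After= " + ", ".join(sorted(late)))
    return findings
```

To audit a real host, pass the text of the firewall unit file to ordering_findings(); an empty list means the unit is ordered ahead of network configuration.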


