Re: [Full-Disclosure] PIX vs CheckPoint

From: Roger Howorth (Roger_Howorth_at_vnu.co.uk)
Date: 06/30/04

  • Next message: Luther Blissett: "Re: Re: [Full-Disclosure] Sandeep Sengupta has invited you to open a Gmail account" 
    To: "full-disclosure" <full-disclosure@lists.netsys.com>
Date: Wed, 30 Jun 2004 16:22:34 +0100

    Like a few other comments already, I would also recommend using iptables --
    it's a stateful inspection firewall that's included with every Linux
    distribution I've come across, and also crops up in many/all? Linux
    appliance firewalls. "iptables -L" will print the firewall rules to the
    screen if iptables is installed and running.

    Some folks like to write their firewall rules by hand, but there is also an
    excellent piece of open source called fwbuilder - again, some others have
    already mentioned it in this thread. In my experience fwbuilder can be a
    real pain to install with certain Linux distributions, but those problems
    completely disappear using gentoo linux.

    -Roger

    VNU BUSINESS PUBLICATIONS LIMITED (VNU) 32-34 Broadwick Street, London,
    W1A 2HG Tel: +44 (0) 20 7316 9000  Fax: +44 (0) 20 7316 9003 This e-mail
    is confidential and is intended for the use of the addressee only. If you
    are not the intended recipient, you are hereby notified that any use or
    dissemination of this communication or any part of it is strictly
    prohibited. If you receive this transmission in error, please notify VNU
    immediately using the contact details above and then delete this e-mail.
    Please note that e-mail may be susceptible to data corruption, interception
    and unauthorised amendment. VNU does not accept any liability for any such
    corruption, interception, amendment or the consequences thereof.

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Luther Blissett: "Re: Re: [Full-Disclosure] Sandeep Sengupta has invited you to open a Gmail account"

    Relevant Pages

    • Re: firewall performance throughput between Linux and OpenBSD
      ... > The firewall is used to connect a private network to the internet. ... > ftp-proxy and the linux box does not. ... Running with a full pf rules file or the wideopen version ... > full rules file using iptables. ...
      (comp.unix.bsd.openbsd.misc)
    • Re: Configuring Linux as a Firewall
      ... Using iptables commands ... Simplifying things with firewall GUIs ... Linux enthusiasts have known for a long time: ... Making Installation Choices ...
      (rec.photo.digital)
    • Re: Demand of PF CLI
      ... >> using the PF APIs directly, or providing such access in perl, python, ... >> style approach was taken to embrace other firewall solutions. ... > you mean this module could work for Linux iptables too. ... There is Linux's iptables, ipf on NetBSD and Solaris, ...
      (comp.unix.bsd.openbsd.misc)
    • Re: firewall survey
      ... The fw's used on servers at work are all IPtables (more correctly NetFilter & ... IPtables) for Linux, and for Solaris we use ...can't remember the name but it ... Is your firewall considered to be a hardware appliance or a software ... of the front-ends that restrict the granularity or creation of custom rules, ...
      (RedHat)
    • Google Summer of Code 2009: Student applies to create a Better IPTables Management Tool
      ... a student) and select the Linux Foundation ... The tool focuses on helping the user to perceive what a particular chains of rules in a particular table does to a user specified packet. ... As the project aims for better IPtables management tool, I can contribute with my hard earned 3 years experience in maintenance of firewalls. ... The tools helps the user to either select all the rules in the chain or some particular rules and tells the impact of the application of selected rules upon the incoming/outgoing packet. ...
      (Linux-Kernel)