Re: Firewall without network Stack (SUMMARY)

From: Cedric Blancher (blancher@cartel-info.fr)
Date: 09/30/01


Subject: Re: Firewall without network Stack (SUMMARY)
From: Cedric Blancher <blancher@cartel-info.fr>
To: Kyle Wheeler <memoryhole@cheerful.com>
Date: 30 Sep 2001 23:33:59 +0200
Message-Id: <1001885643.16041.20.camel@elendil>

On Sat, 2001-09-29 at 21:33, Kyle Wheeler wrote:
> Well, among other things, the firewall wouldn't have an IP address on
> the internet - and thus would be much harder to attack because a hacker
> can't make a direct connection to it.

Configure your box as a bridge and patch the kernel so ipchains can see
bridged packets.
I think that a patch for netfilter is available (can someone confirm?)

-- 
Cédric Blancher
Systems and network security consultant
Cartel Informatique - Groupe CGBI - http://www.cartel-info.fr/
Tel: 01 44 06 97 87 - Fax: 01 44 06 97 99