Re: Bridging Firewalls

From: Dave Pimlott (newsgroups@SPAMFILTERdavepimlott.info)
Date: 05/29/02


Date: Wed, 29 May 2002 10:03:09 +0000
From: Dave Pimlott <newsgroups@SPAMFILTERdavepimlott.info>

Bob Yeaw wrote:
>
> I have been reading alot about bridging firewalls using OpenBSD and PF
> or IPF and it seems like a great idea. Does anyone know of any
> gotchas or problems with this approach? What attacks are possible on
> a Packet filter with no IP address?
>
> thanks,
>
> bob

the only vulnerabilities I can think of are Ethernet attacks rather than
TCP/IP attacks, e.g. MAC broadcast storms (which are hard to do
remotely...)
In terms of gotchas I can't think of any! In situations like this I
"suck it and see".

Dave Pimlott.