Firewall Wizards mailing list archives
Re: Use of single port aggregations to enhance security
From: ArkanoiD <ark () eltex net>
Date: Sat, 9 Jan 2010 11:26:15 +0300
I thought *every* operating system follows the rule "apply packet filtering first, bring interfaces up later" nowdays? On Wed, Jan 06, 2010 at 06:12:46AM +1100, Darren Reed wrote:
So what difference can this make? If you're using an operating system based firewall (Linux, BSD, Solaris), then depending on the order of the operating system enabling firewalls capabilities vs networking, there may be windows where packets are able to reach code paths that they weren't intended for because nic drivers start servicing packets quite early.
_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Use of single port aggregations to enhance security Darren Reed (Jan 07)
- Re: Use of single port aggregations to enhance security Paul Melson (Jan 08)
- Re: Use of single port aggregations to enhance security ArkanoiD (Jan 11)
- Re: Use of single port aggregations to enhance security david (Jan 12)