Re: Free Firewalls? Thoughts...

[Javier Sanchez <jsanchez () myalert com>]

I found some explanation about the halted mode operation, cool ....

http://www.samag.com/documents/s=1824/sam0201d/0201d.htm

Does anyone know any tool/application to migrate a gauntlet ruleset to
checkpoint fw1 ? 

Javier Sanchez Llera
Buongiorno - MyAlert
jsanchez () myalert com


On Thu, 2003-05-08 at 19:20, Ted Behling wrote:
> At 02:23 AM 5/8/2003, Sean Barraclough wrote:
> > What are the thoughts on some of the "free" firewalls available. Such
> > firewalls as Darren Reeds IPF, or the OpenBSD PF? and the Linux offerings?
> >
> > Performance?
> > Security?
> > Fancy tricks?
> >
> > Just interested as to the thoughts out in the community.
>
> I've used Linux firewalls since kernel 2.0, with IPChains and now 
> IPTables.  Their security is most heavily affected by the applications run 
> on the firewall.  Best practice is to run nothing on the firewall itself, 
> use an external logging server, and run the OS off read-only media such as 
> CD-R (perhaps with a floppy for config files).  Some people run a Linux 
> firewall in "halted mode," where the kernel is stopped but the network 
> interfaces are still up.  Theoretically, this allows the kernel to filter 
> packets, but it would be unable to execute any new code if it were somehow 
> exploited.  As to performance, I've gotten several megabits per second 
> through a Pentium Pro machine with desktop-grade NICs.  I've never really 
> benchmarked them, though, since the Internet pipes I deal with are 
> relatively small (<= T1).
>
> Ted Behling, Chief Penguin Surgeon
> Monarch Information Systems, Inc.
> tbehling () monarchis net
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () honor icsalabs com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards