Hosting Provided By

Re: IPF/IPTable/??

From: Brad Arlt <arlt(at)cpsc.ucalgary.ca>
Date: Thu Nov 28 2002 - 17:40:29 EST

On Thu, Nov 28, 2002 at 06:02:42AM +0900, ALBEE,RUSSELL. S FC2 (CV63 CS5) wrote:
> Which *NIX firewall software is the best to use in terms of sercurity and

I consider Chains, Table, and Filter en par for stability.

Chains might be a little more stable, but how many 9s does one really need? Chains doesn't protect your network as well as Tables, so while IPChains might keep your firewall running longer. It might not keep your network running longer, which is after all what your firewall is supposed to do.

If you really mean "IPF" (circa Linux 2.0 kernel), and not IP Filters, doen't use it.

The speed, flexablity, and statefulness of IP Tables (netfilter), make it the best choice.

If you don't know what I am talking about when I say a 9, then you want IPTables. And you want to read more about all three so you can an informed decision on the merits of each, rather than the preferences of the masses.

   __o		Bradley Arlt			Security Team Lead
 _ \<_		arlt@cpsc.ucalgary.ca		University Of Calgary
(_)/(_) 	I should be biking right now.	Computer Science

Received on Thu Nov 28 18:33:49 2002

This message: [ Message body ]
Next message: nee cee: "Re: Blocking personal email"
Previous message: bda: "Re: ridiculous situation"
In reply to ALBEE,RUSSELL. S FC2 (CV63 CS5): "IPF/IPTable/??"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:03:25 EDT

Do you need help?