One more for the list. Freebsd has IPFW, Darren Reed's IPFilter and PF (same as Obsd).
Printable View
One more for the list. Freebsd has IPFW, Darren Reed's IPFilter and PF (same as Obsd).
Thanks for the input. I'm thinking about getting a *bsd. I have a variety of linux distros, but time to venture in the bsd world as well. And obviously knowing about their firewalls is important. There's so much experience and knowledge in this place, you can't help but learn something if not only by osmosis! :eek:
cheers
Good info,saves us some time, double Kudos!
Are you seriously going to trust anyone who segregates firewalls as "software" and "hardware" ?? You are all aware that ALL firewalls of software, some just run on very limited operating systems rather than general purpose opersting systems and on specialized hardware rather than general hardware. Firewalls should be divided by type or generation, since this actually allows for a sane comparison.
Secondly, are you to take the word of the masses here? Something about the "least common denominator" should ring true.
cheers,
catch
Thanks for your input. However, since they are bought and sold in that manner and not all of the of the rest of the world employs the categorization laws of catch; we’ll keep segregating them as “software” and “hardware”.Quote:
Are you seriously going to trust anyone who segregates firewalls as "software" and "hardware" ??.
Hopefully most are already aware of this, so we probably don’t need to state the obvious.Quote:
You are all aware that ALL firewalls of software, some just run on very limited operating systems rather than general purpose opersting systems and on specialized hardware rather than general hardware.
Interesting comment, however do you think we should trust someone who doesn’t even care enough about attention to detail to provide critical advice?? Probably won’t take them seriously anyway.Quote:
Secondly, are you to take the word of the masses here? Something about the "least common denominator" should ring true.
Quote:
You are all aware that ALL firewalls of software
;)Quote:
opersting systems
cheers
I found no reference for "hardware-firewall" in the rfc2828.
Yeah Firewall is software component in fact, but it requires special hardware/OS support. That is why it is sometimes called hardware firewall. Suitable hardware packed to support the firewall in a box.
Thus not in the archives.Quote:
I found no reference for "hardware-firewall" in the rfc2828.
cheersQuote:
You are all aware that ALL firewalls of software, some just run on very limited operating systems rather than general purpose opersting systems and on specialized hardware rather than general hardware.
Enjoy failing that question on the CISSP, SSCP, and CISA exams and just looking overall ignorant on the subject, however no reason to drag the naive down with you.Quote:
Thanks for your input. However, since they are bought and sold in that manner and not all of the of the rest of the world employs the categorization laws of catch; we’ll keep segregating them as “software” and “hardware”.
The proper categorizations are: (by generation)
[list=1][*]Packet Filtering[*]Application Level[*]Stateful Inspection[*]Dynamic Packet Filtering[*]Kernel Proxy[/list=1]
Hopefully most would know that it is nonsensical to segregate firewalls by "hardware" and "software", yet here we are.Quote:
Hopefully most are already aware of this, so we probably don’t need to state the obvious.
I've addressed this issue before, and my reputation speaks for itself. I have never stated anything on here that would lead a reader to miss an (ISC)2 or ISACA question. Which is more than I can say for much of the rest of this thread.Quote:
Interesting comment, however do you think we should trust someone who doesn’t even care enough about attention to detail to provide critical advice?? Probably won’t take them seriously anyway.
Wow quoting typos... I was going ot do a longr reply and speel check just fo you, but i wsa ina hurry.
cheers,
catch
The biggest problem with classifying firewalls by those 5 guidelines instead of hardware/software is that it becomes INCREDIBLY difficult to explain even the most basic security to a home user. If I tell them that their router and Norton Internet Security are exactly the same, they will believe it. Is this true? Of course not. Both are very different and have their pros and cons, and most of those are similar for other "hardware" and "software" firewalls. This post was mainly directed towards people doing that kind of work, not those in your business catch.