Results 1 to 4 of 4
-
03-28-2005, 12:49 AM #1Web Hosting Master
- Join Date
- Sep 2000
- Posts
- 1,015
Does apf firewall actually do anything for security?
I'm talking about just APF firewall, not the brute force add-on etc. From what I understand it mainly just provides an easy interface to IPtables right, to easily ban IPs? Thinking of disabling it if it doesn't do much actively for security, since it seems to be causing some problems.
Thanks,
-
03-28-2005, 12:55 AM #2Junior Guru Wannabe
- Join Date
- Mar 2005
- Location
- Sydney, Australia
- Posts
- 76
It also provides some proc/sysctl hacks that are quite handy.
http://magi.net.au - Development / rant blog for coders, *nix admins, unoffical cpanel and whatnot.
Server administration / Emergency work / Security handling available on request - private message/email for quote or more information
-
03-28-2005, 12:56 AM #3Problem Solver
- Join Date
- Mar 2003
- Location
- California USA
- Posts
- 13,681
yes but you could just add those sysctl hacks to sysctl.conf and sysctl -p and call it a day. Over all i would say it doesnt do alot for security. Sure you are blocking uneeded ports etc, but there has to be other things in place for it to be worth while.
Steven Ciaburri | Industry's Best Server Management - Rack911.com
Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance
-
03-28-2005, 01:17 AM #4Junior Guru
- Join Date
- Dec 2003
- Posts
- 205
apf is indeed useful. It is an easy way to configure iptables, furthermore you can do hosts.deny/allow things within it as well. Whereas if you block all ports, you can specify specific ips to access those resources.