Results 1 to 4 of 4

Thread: firewalls

  1. #1

    firewalls

    Hi,

    I am wondering if an ipchains/iptables based firewall that is installed in front of a network is as good as a netscreen or PIX firewall? Are they much less secure or are they just as good?

    Thank You,

    Matt

  2. #2
    Join Date
    Dec 2000
    Location
    Leesburg, VA
    Posts
    3,205
    They can be just as good. There are two reasons hosts will opt for a netscreen/PIX/checkpoint firewall over an ipchains/tables-based firewall:

    1. Better configuration and monitoring tools. By better, I mean GUI, so it is easier for the employees to monitor what is happening with the firewalls, and make rule set changes.

    2. These are dedicated, single purpose boxes so they should, in theory, be more secure. A person running ipchains/tables on a Linux, or *BSD box is running it on top of another operating system, so the firewall is subject to any exploits the OS is.

  3. #3
    Join Date
    Nov 2001
    Location
    Canada
    Posts
    1,963
    they can be as good

    but the thing is, say when it comes to DOS attacks (Denial of service) ipchains, or iptables won't really help you.

    I guess it all depends on how severe the attack is, in my experiences, ipchains / iptables will do nothing when you're getting hit.

    only hardware firewalls can help

  4. #4
    ipchains and iptables are good if you know how to use these powerful packet filtering software

    There are many HowTo's around Internet how to build and setup packet filter software on unix/linux boxes

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •