Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Firewall Wizards: RE: COmpare Firewalls

RE: COmpare Firewalls

From: Joe Ippolito <joe_at_joesnet.com>
Date: Wed, 8 Sep 1999 06:01:29 -0700

So what I here you saying is that MS Proxy uses an application-level packet
filter that is less secure than a kernel-level packet filter? Can you site
an example and say why? Wouldn't either one have to get in front of the OS
to filter incoming packets?

-----Original Message-----
From: owner-firewall-wizards_at_lists.nfr.net
[mailto:owner-firewall-wizards_at_lists.nfr.net]On Behalf Of Dameon D.
Welch
Sent: Tuesday, September 07, 1999 11:06 AM
To: joe_at_joesnet.com
Cc: firewall-wizards_at_nfr.net
Subject: Re: COmpare Firewalls

On Tue, Sep 07, 1999 at 09:06:20AM -0700, Joe Ippolito wrote:

> So you know of something that will protect an OS and is not an
application?
> Hmmmm?

Proper firewalls are a combination of user-level applications & kernel-level
packet filtering (stateful or otherwise). Any of the commercial firewalls
that run on NT should fit this bill.

-- PhoneBoy
Received on Sep 08 1999

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]