On Tue, May 21, 2002 at 10:33:09AM -0400, Nathan Hawkins wrote: > Jails are kind of like the translators. They're a kernel-specifc (or > whatever the Hurd is supposed to be) add-on. They're useful, but more of > a nice-to-have add-on than an essential feature for an operating system. > Complete and usable TCP/IP support is not, and I, and many other people, > would classify firewalling as a required part of a complete TCP/IP > implementation.
Richard Stevens, TCP/IP Illustrated, Vol. 1 does mention firewall gateways only three times (and has one book about it in the bibliography for further reading). I don't have the other two, so maybe someone can check if he covers firewalling in those books in more detail. He does not mention firewalling on non-gateway hosts. I have not a lot experience with administration of network systems, but what I have seen is that the common way to use firewalls is to buy them as firewalls and use them to secure the LAN. > FWIW, Debian GNU/FreeBSD will have firewalling tools. It looks like > there are two different firewall implementations supported by the > kernel, actually. There is also IPsec and IPv6 support. FWIW, Debian GNU/Hurd will have ways to secure the network and services, too. It might even have firewall features. But does the first version have firewall features? Maybe. This depends on a lot of things, and all of them are completely unrelated to how important firewalling really is. Thanks, Marcus -- `Rhubarb is no Egyptian god.' Debian http://www.debian.org [EMAIL PROTECTED] Marcus Brinkmann GNU http://www.gnu.org [EMAIL PROTECTED] [EMAIL PROTECTED] http://www.marcus-brinkmann.de -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]