On Sun, 10 Sep 2000, mouss wrote:
> In my opinion, the available open source packet filters are comparable to
> what commercial firewalls provide. They are even superior to many of the
> commercial FWs' filters.
>
> "watching for regular stuff" is more an issue for IDS than for the filters.
> Indeed, either the implementation is light and is thus really
> insufficient, or it is "complete" and consumes too many resources, which
> makes it unusable on a FW (if you spend your time checking
> your numerous patterns, your packet queue is gonna stay full...).
The only experience I've had with the IDS/firewall working together was
with the company "ZoneOfTrust.com". Their system seemed to be able to
watch a high-volume website and actually catch items which appeared to be
attacks and add the appropriate firewall rules. I've not seen this style
of functionality in ipchains yet, although it's able to be manipulated by
programs like portsentry to provide some level of stopping attacks
in real time.
- Aaron Schultz
- [EMAIL PROTECTED]