The next best thing to PF in Windows is VisNetic Firewall 1.x or 2.0. It's made by the same person that made ConSeal for Signal 9. It does Stateful Packet Inspection, supports multiple interfaces, and changes the ISN as well, like pf. The 2.0 version I haven't checked out yet, but I am sure it has improved on the features it had. You do have to pay for it, but for a Windows server, if you must have one, then this is one component you definitely need. Don't get me wrong, I love PF, but there is no PF for Windows, so I had to find the next best thing.
Amir Seyavash Mesry [EMAIL PROTECTED]
LSI Logic Corporation http://www.lsilogic.com/
Raid Support Test Technician
6145-D Northbelt Parkway
Norcross, GA 30071
678-728-1211

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Aaron Suen
Sent: Thursday, July 10, 2003 9:38 PM
To: [EMAIL PROTECTED]
Subject: Stupid Question

OK, so this is (may be, probably is) a stupid question. But I'm gonna ask it anyway, so if you think it's stupid, go ahead and at least get a good laugh out of it.

Does anybody foresee a port, of some sorts, of pf for Windows?

Yeah, it sounds a little wild, but I could really use something like this. I have a bunch of Windows clients on my home LAN, and you can never really trust the LAN (even though it's firewalled) since these are Windows (a.k.a. virus-laden) machines. So I want to install software firewalls on every machine to provide secondary protection against threats on the LAN.

The big problem is that there are no good free firewalls for Windows. Of course, everybody will recommend the same things, such as ZoneAlarm, and similar types of programs, but all I need is something that can do fragment reassembly, stateful inspection, and block certain ports (135, 137-139, 445, 1025-1027, 5000) while leaving everything else open by default. Every free firewall I've seen is missing something. ZoneAlarm is too aggressive, blocks everything by default and asks the user questions all the time (I want to set it up and forget it).
Rule-based firewalls like the ones based on Tiny's codebase all seem to lack some reassembly and stateful inspection capabilities; they're basically just SYN filters.

So, how does one get the power of pf onto a Windows system? Well, the way other firewall products seem to work is that they insert a bit of code between the network driver and the TCP/IP stack, then redirect packets and fragments through the filter engine. So, if somebody were to get his hands on a packet interception thingy like that, we could make a pf-based firewall to protect Windows machines without having to have a *BSD machine for every Windows client. Sound crazy enough?

Actually, it would be pretty nice to have a userland application that does what the pf engine does. One could use it, for instance, to filter traffic that goes through other userland applications (such as ppp using tun*).

I'd like to know how feasible this Windows port idea would be.