Firewall - Page 6

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Discover Firewalls News

Firewalls ring changes

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Once they were border controls, then customs and excise, now they are the police, the fire brigade and the health service. Can the firewall become the sole security device in the enterprise? Zaphod Beeblebrox, the two-headed anti-hero of Douglas Adams’ Hitchhiker’s guide to the galaxy, wears the future of firewalls on his head. His Joo Janta 200 Super-Chromatic Peril Sensitive Sunglasses turn black at the first hint of danger. This saves him from witnessing frightening events, so he remains cool and un-panicked in a dangerous universe.

Guardian Digital Announces New Firewall Product

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Guardian Digital, Inc., a leader in open source security products, today announced the release of a new firewall product that will revolutionize internet security as we know it, forever. Guardian Digital CEO Dave Wreski explains, "Our new product works differently from most other firewalls on the market, which can possibly allow dangerous packets into protected networks. Our technical wizards realized that all virus, worm, and malware authors use dangerous 'zeroes' in their binary code, therefore our new firewall product blocks all 'zeroes' while allowing the friendly, useful 'ones' through."

Two floppy-based firewalls

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

When you look in your closet, do you see a pile of obsolete hardware that you just cannot bring yourself to throw out, despite the pleas of your family? If you want to share your home Internet connection and save a little money at the same time, dust off that old hardware and set up a Linux-based firewall. All you need is a 486 or better processor, two network adapters (only one if you're on dial-up), a switch or hub, diskette drive, and 12MB of RAM. In this article, we'll take a look at floppyfw and Coyote Linux, two free, open source projects that have shrunk Linux down to diskette size to implement a firewall.

Review: Astaro Security Linux 5.1

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

One of the more popular uses for Linux is as a router/firewall to secure a local area network (LAN) against intruders and share an Internet connection. Several specialized distributions have sprung up to simplify this task. These range from small, diskette-based distros like the Linux Router Project and FREESCO to larger systems requiring a hard disk installation. Among the latter is Astaro Corp.'s Astaro Security Linux (ASL) 5.1, which I recently reviewed as part of ongoing research into content filtering products. ASL is an RPM-based distribution that allows an administrator to easily turn an x86 PC or server into a router/firewall appliance.

E-mail firewalls: A vital defense layer

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The exponential rise in spam and e-mail-borne viruses has pushed must-have network security layers beyond traditional firewalls and intrusion-detection appliances. E-mail firewalls have emerged as a complementary appliance for detecting and protecting against threats in the inbound e-mail stream.

Firewall warns dealers of physical security threat

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Specialist distributor, Firewall Systems, is warning resellers to start thinking of security as a managed service or risk losing market share to physical security providers. Firewall marketing director, Nick Verykios, said physical security players such as Chubb were already providing IP-based services, adding data to their stack as the markets continued to converge.

Firewalls' False Sense of Security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Internet front door to almost every bank and financial services company in the world is guarded by two sets of firewalls defining a DMZ. Nearly every e-commerce site sits in a similar DMZ in what has become the de facto standard in Web security architecture. According to Sun Microsystems, "In today's tumultuous times, having a sound firewall/DMZ environment is your first line of defense against external threats." But I would argue that guarding the perimeter is lulling organizations into a false sense of security that results in ignoring the implementation of other security mechanisms in their applications and databases.

Firewall Builder 2.0.6

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Firewall Builder consists of an object-oriented GUI and a set of policy compilers for various firewall platforms. In Firewall Builder, a firewall policy is a set of rules; each rule consists of abstract objects that represent real network objects and services (hosts, routers, firewalls, networks, protocols).

Linux kernel to include IPv6 firewall

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Version 2.6.12 of the Linux kernel is likely to include packet filtering that will work with IPv6, the latest version of the Internet Protocol. Netfilter/iptables, the firewall engine that is part of the Linux kernel, already allows stateless packet filtering for versions 4 and 6 of the Internet protocol, but only allows stateful packet filtering for IPv4. Stateful packet filtering is the more secure method, since it analyses whole streams of packets, rather than only checking the headers of individual packets -- as is done in stateless packet filtering.

SWsoft Unveils Virtuozzo 2.6.1 for Linux

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The latest version of the Virtuozzo server virtualization solution features several new enhancements, including a new Virtuozzo control center, automatic update utility, stateful firewall support and VPN support. The company also announced that Australian firm SMS Central has purchased Virtuozzo for installation in its data center.

Evaluating Your Firewall

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Are you an administrator or security analyst who watches over a firewall with a hundred or more rules? Or perhaps a hired gun who must review a firewall with years of crusty buildup? Are you creating a test lab that involves a wide variety of networks, servers, and risks? If you're interested in enterprise-level firewalls, this article will help you make sense of common failures in processes and tools. We'll focus on enterprise-grade business and networking issues that affect firewalls. (Penetration studies and piercing firewalls from the outside will be covered in a later article.)

Internet Firewalls FAQ

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A firewall is a system or group of systems that enforces an access control policy between two or more networks. The actual means by which this is accomplished varies widely, but in principle, the firewall can be thought of as a pair of mechanisms: one which exists to block traffic, and the other which exists to permit traffic.

de.comp.security.firewall FAQ

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A firewall is an organizationally and technical concept for the separation of networks, its correct implementation and constant maintenance. One piece that's often used is a piece of hardware that connects to networks the way as it's allowed in the concept. This piece of hardware is often called firewall-system/computer or in short firewall.

Patching up problems

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The race to plug network holes before attackers use them is running system managers ragged--so they're throwing up more barriers to stop intruders. In recent years, the common wisdom has been that keeping up-to-date on software patches is key to safeguarding a company's networks against viruses, worms and other pests. But with dozens of flaws being discovered each week, that approach has turned out to be a Herculean task.

Securing your workstation with Firestarter

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Firestarter is a GPL-licensed graphical firewall configuration program for iptables, the powerful firewall included in Linux kernels 2.4 and 2.6. Firestarter supports network address translation for sharing an Internet connection among multiple computers, and port forwarding for redirecting traffic to an internal workstation. Firestarter's clean and easy to use graphical user interface takes the time out of setting up a custom firewall.

Choosing The Right Personal Firewall

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

If you're reading this on a Windows machine and you don't know if you have a personal firewall installed and running, then stop what you're doing and take care of that right now. At the very least, turn on the Windows firewall. This feature is available in the PC control panel, and enabling it only takes a few seconds. You can come back and read this once you've done that. I'll wait.

Week 45: Firewall Security Tips

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A DMZ (Demilitarized Zone) is a combination of firewalls -- a perimeter network segment logically between internal and external networks. Also called a "screened subnet," its purpose is to enforce the internal network's IA policy for external information exchange and to provide external, untrusted sources with restricted access to releasable information while shielding internal networks from outside attacks. . . .

How many firewalls are enough?

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

We recently had a situation in which one of our servers was accessed by someone from another building/floor who had no need to get into the system. Part of the problem was that someone left their username/password out in plain sight; that problem has been fixed. . . .

News

Powered By

Footer Logo

Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.

Powered By

Footer Logo