Discover Firewalls News

Firewalls? Firewalls?? We don't need no stinkin' Firewalls!!

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Firewalls are often framed as a one job tool. Furthermore, when looking to set up a secure network infrastructure, this Debian Admin says that sometimes they aren't aren't even needed!

To the contrary, Firewalls can be engineered to serve a number of purposes such as fragment reassembly for instance (as the author at TuxMachines states) and are generally only as secure as they are configured to be.

It seems that Firewalls are commonly misconceived of both being the given for network security (possibly not true) and not nearly enough on their own (the given among those who know security).


(bonus points for those who know the movie being alluded to in the title)

Firewall Configuration Testing Tool

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Sometimes a rule configuration may reside in a place other than the basic rule configuration place. In such a case, it is difficult to confirm whether it is an intended configuration by the system administrators. (Is an unnecessary hole open, or is a necessary hole open?) So, we developed a tool which checks the rule of a Firewall. " In any network your first line of defense is the firewall. One new firewall checker is called Dr.Morena. It's made up of two modules one is the check engine and the other is the packet list making engine. They work on Linux so it's good at checking your iptables. Go ahead and test your firewall to see how well it protects your network.

Securing Your Linux Server With Iptables

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

'Spamming', when used in a different context, does not necessarily have to be email specific. If you ever had a chance to play arcade fighter's such as Street Fighter 2, you'll notice that certain fighters have "cheap" moves that can be "used over and over", such as M. Bison's scissor kick corner trap (ah the old days). A player could pretty much "spam" this combo over and over. The interesting part about this cheap combo is that it could be countered just as easily with some skill. A basic set of good iptables rules is the perfect counter punch to a slew of common spamming attacks - no need to have SpamAssassin or procmail process the email when it doesn't even get through the front lines! Read on to gain a good base understanding of iptables and its rules. Ha-dou-ken!

IPS app available for free

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Network managers looking for an inexpensive way to better secure traffic crossing their nets might want to check out a free application from Intoto.

Intoto, a provider of security software for enterprise network equipment and CPE gateways, last week at Interop, introduced a stand-alone intrusion-prevention system (IPS) application that the company says will help small and midsize companies looking for enterprise-scale security tools.

NuFW brings IPv6 support

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Now User Filtering Works (NuFW) team has announced the initial release of the 2.2 stable branch. NuFW is a user-authenticating firewall that runs on top of the the Netfilter framework. This release includes several new features, including complete support for IPv6.

IPv6 firewalling knows no middle ground

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Two months ago, we published Everything you need to know about IPv6, telling you the following about firewalling IPv6 in relationship to the Network Address Translation that is common in today's IPv4 home routers. If you have a router or home gateway that supports IPv6, make sure that it, too, filters IPv6. A stateful filter that allows outgoing connections and return traffic, but not incoming connections is closest to the IPv4 NAT filtering functionality. This is in line with the recommendations in a document that the Internet Engineering Task Force's IPv6 Operations (v6ops) working group is developing: