Firewalls: Re: Linux as a Firewall Platform

Firewalls
(December 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Linux as a Firewall Platform
From:	Darren Reed <avalon @ coombs . anu . edu . au>
Date:	Tue, 17 Dec 1996 23:29:05 +1100 (EDT)
To:	acli @ www . mingpaoxpress . com (Ambrose Li)
Cc:	Firewalls @ GreatCircle . COM (Firewalls Mailing List)
In-reply-to:	<E2IL7M . AED @ www . mingpaoxpress . com> from "Ambrose Li" at Dec 16, 96 04:16:33 pm

Yes, Linux has a "securelevel" and immutable/append-only bits and yes, Linux
is still catching up with "debugging" TCP/IP in the kernel (no, this is not
a reference to packet storming attacks)...

...I've just been searching the diff's for Linux kernel patches for anything
in their ipv4 directory - worth reading these patches (yes, this means 2.0
and 2.1 too) for problems that have `survived' this long.

Give it another year or so to arrive at a point where people won't remove
checks for "sanity" in IP packets or bad make optimisations because it is
recognised as being "reliable" and "efficient" and further change is _WELL
JUSTIFIED_.

Darren

References:

Re: Linux as a Firewall Platform
From: acli @ www . mingpaoxpress . com (Ambrose Li)

Indexed By Date	Previous:	Problem with mail From: Majo Danisek <majo @ sunteq . sk>
Indexed By Date	Next:	Re: Problem With Domain From: Jean Luc Guyot <guyot @ mail . dotcom . fr>
Indexed By Thread	Previous:	Re: Linux as a Firewall Platform From: blymn @ awadi . com . au (Brett Lymn)
Indexed By Thread	Next:	Re: Linux as a FW, Inode bits From: PASCAL . DUFOUR @ CDT . cec . be (Tel 495585-224)