Good firewall ?

From: jj@spiderentertainment.com
Date: Fri Jan 14 2000 - 16:10:01 EST


Can someone suggest a good free firewall solution for BSD or Linux ?

This is what I got so far:

I looked at the IP-chains, looking at the source code now. I guess what
I am looking for is something that is very fast, since we do run some
high volume sites.

Second issue I would like to explore the possibility (if it does exist)
to put a special filter on the port 80 where the HEAD in HTTP is
disallowed.

Third issue: I hate ping flooders, they don't do anything but use your
bandwidth. Still I would like to protect the machine against that, so it
is not busy trying to respond to bogus ping floods.

Fifth: A firewall that is fully configureable, meaning it would be hard
for the folks to tell what firewall it is.

Tho this will prevent 90% of DoS, and 90% of hack attempts.

I think I can live with 10% "hack think tanks" breaking in......... just
backup
everyday.

I'm working on a really interesting personal project: To create such
application that will alter the actual kernel to insert its code into
it. You can think of "Bark Orffice", but alot more suffisticated, since
it takes alot to alter the actual kernel. Ie, is the SMP compiled or
not, what version etc. But it looks very good so far. In the first
change I'm just doing raw source apply to the kernel and testing it.
First goal: to hide traffic within the ping packets: Pattern encoding to
make
harder for anyone to detect.

What do you folks think ?

Thx.

-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.rutgers.edu



This archive was generated by hypermail 2b29 : Sat Jan 15 2000 - 21:00:30 EST