Linux Gets Stateful Firewalling

[Bruce Smith <bruce@xxxxxxxxxxx>]

A few weeks ago I was having breakfast with a fellow linux 
enthusiast and the subject of Linux firewalling came up.

I mentioned that the new 2.4 kernel uses the much improved 
"Stateful Firewalling".  I was ask to explain the difference 
between "stateful" and "stateless" firewalls.  

This morning I found the following article link in my favorite 
security newletter which gives a better explanation than I did:


---------------------------------------------------------------------------
Linux Gets Stateful Firewalling

The long-awaited Linux 2.4 kernel has been released and, for many of us in
the Security community, this is a totally joyous occasion. This article
explains the improvements and why you should be as excited as we are. It
should be accessible and interesting to anyone, no matter how much technical
background.  The 2.4 kernel's packet filtering system, Netfilter, is Linux's
first stateful firewall. Stateful firewalls represent a major technological
jump in the intelligence of a firewall and are present in all serious
Enterprise firewalling products.

Read the full story here:
http://securityportal.com/cover/coverstory20010122.html
---------------------------------------------------------------------------


If you are at all concerned about security and/or firewalls,
please read the above linked article.

If anyone hears of a good pre-packaged firewall distribution
(like floppyfw) that is 2.4 kernel based and stateful, please
forward the info to this mailing list.

--------------------------------------------
Bruce Smith                bruce@armintl.com
System Administrator / Network Administrator
Armstrong International, Inc.
Three Rivers, Michigan  49093  USA
http://www.armstrong-intl.com/
--------------------------------------------