Just wanted to find out if anyone can help me figure something out...
I'm under the understanding that a linux system using its ipchains rule sets can not tell the difference between traffic on its ports?
where as OpenBSD's PF can.
My first question is.
Lets suppose every port is nailed down tight on a linux system, except port 80
someone with know how could possibly use ssh over port 80 and send files via a secure copy to a foreign server using encryption over an open (or any port) punching right through a firewall.
Would PF provide any better protection against that?
the other question I had was if anyone knew of a resource that provides a good comparison between the capabilities and short comings of a linux based system vs OpenBSD's PF? (everything I found was out of date)
|Thread||Thread Starter||Forum||Replies||Last Post|
|Content Filtering with OpenBSD||alpha202ej||OpenBSD Security||4||21st December 2011 01:38 PM|
|PF - packets filtering by length?||magnesik||OpenBSD Security||3||3rd July 2011 01:46 PM|
|What tool for dynamic I.P filtering||unixjingleman||OpenBSD Security||1||2nd March 2011 11:31 AM|
|Web content filtering||Crypt||FreeBSD Security||14||14th December 2008 02:38 PM|