On Sat, 16 Mar 2002, Patrick Beart wrote: > > > On Fri, 15 Mar 2002, Pieter De Wit wrote: > >> > >> > Why, what is wrong with ipchains/iptables ? > >> > > > > My answer is that it's "software", not hardware. > > I'm new to the whole "security" thing, but I've learned that > a hardware appliance is better than software, if only for the fact > that someone is technically already IN the machine when they hit the > firewall software. With a hardware appliance there's a physical > barrier ahead of your machines.
Oh, my...it's the old hardware vs software firewall debate, again. I'm not sure who taught you this, but they instructed you incorrectly. *EVERY* firewall is a software firewall. It doesn't matter if it's a DSL/Cable router with firewalling in the firmware, a Linux system dedicated to doing anything but being a firewall, or something like a Nokia VPN-1 firewall, using Checkpoint Firewall-1. Just out of curiosity, *IF* a firewall were truly hardware based, with no software involved, just how would you go about configuring it? _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
