SLUG Mailing List Archives
Re: [SLUG] Firewall security audit report
- To: Umar Goldeli <umar@xxxxxxxxxxxxxx>
- Subject: Re: [SLUG] Firewall security audit report
- From: Crossfire <xfire@xxxxxxxx>
- Date: Thu Mar 1 09:21:01 2001
- Cc: Howard Lowndes <lannet@xxxxxxxxxxxxx>, chesty <chesty@xxxxxxxxxx>, SLUG Mailing list <slug@xxxxxxxxxxx>
- User-agent: Mutt/1.2.5i
Umar Goldeli was once rumoured to have said:
> > Hence why you use stateful inspection firewalls, not ipchains.
> > ipchains is completely unflexible in this regard.
> It works, but even so, let's face it, stateful inspection in regards to
> UDP is still a kludge. ;)
Stateful inspection is the only way to come remotely close to securing
UDP without stepping to the point of not using it at all.
Crossfire | This email was brought to you
xfire@xxxxxxxx | on 100% Recycled Electrons