Hardware Versus Software Firewalls
Subject:   competence ?? What does the author need a firewall for ??
Date:   2007-02-15 23:44:53
From:   noxxi
I think the first question one need to ask before evaluating a firewall is the attack scenario, which differs if you need to protect windows computers in a company, a web or ftp server, a VOIP gateway ...

From the first sentences in the article one could assume that it is about computers inside a company, which are today mainly windows. So it is missing all the virus and trojans scan stuff which is essential for this environment, it's missing attacks against browsers, it's missing attacks from inside (if there is already a trojan inside)...

In this environment you don't really care about syn-floods because it's mainly outgoing connections.

And I really doubt the security related competence of the authors if they recommand to use wireshark to capture the traffic. Given the security record if this (otherwise really good) application I would never let it capture the traffic, because this requires root privileges. I would instead use tcpdump to capture and then run wireshark as an unpriviledged user to read and display the dump.

1 to 1 of 1
1 to 1 of 1