Most sophisticated free firewall?

1: what exactly is truth ? Something that everybody holds to be the case ? Or most people ? or just you ? But then, each of these 3 groups can be wrong... 2: "reason to believe"... exactly: thus the "fact" is reduced to a belief. 3: Opinions cannot be founded by only facts. If they were, the opinions would be knowledge. 4; truth is a shaky concept. One can know things that are not true.
Reply to
Loading thread data ...

try to define fact and you will see that that is flawed. security is just as much based on opinion, even feelings, as it is on situations that are by many (relevant) people believed to be the case. Logical positivism is dead. and hyperrationality is dangerous as well as stupid.

Reply to

An observation that is reproducible.

Yeah? How?

Yes, but opinion that should be grounded in fact. As I said before.


Who believes this?

M-hm. Of course you are not going to support this opinion with any kind of argument, because that would be stupid as well, and your opinion should be reason enough for everyone, right?


Reply to
Ansgar -59cobalt- Wiechers

Sheesh you're dense - Truth is that which is supported by fact.

No, taken in context, it means that if a company has a history of providing verifiable facts in relation to xyz, that you can put some credence in what they say the next time - although you need to verify their findings with your own findings.

Opinions are often not found in facts, but facts can be found in opinions, and truth can only be founded in facts.

Wrong, truth is absolute - as are facts. If it's questionable then it's not really a truth or a fact until proven.

Reply to

2: Netfilter


Reply to
Volker Birk

OK, how about the real IP/subnetmask/port firewall built into your DSL/CableModem? It's free, it operates at layer 3, and it is working outside your PC's messy world, inline before the Ethernet frames even reach your PC. Also most of the ones I have seen (cisco/linksys) are capable of doing some filtering for the OSI layers

4-7 (anti-virus/ spyware) again *before* the encapslated data even reaches the insecure world of your PC. These kind of devices also can do NAT to hide the IP address of your internal private network.

Now, to add something to this tread, what about low cost devices that could look for IP spoofing, man in the middle attacks, port scanning, layer 4 attacks (such as TCP sequence number attacks), etc. See

formatting link
Has anyone done research on low cost (< $1k, for example) devices for upper layer protection

*before* the data even reaches the insecure world of Windows)?

I'm aware of what's available in UNIX/LINUX, but thinking about low cost devices.

It may be that the best low cost solution is a dual homed computer running snort, iptables, imap, Nessus... but wondering if any devices are being shipped that do all this in firmware?

Cheers, ~DRH~

Reply to
DrSpock Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.