Talk:Firewall (networking)
From Wikipedia, the free encyclopedia
Contents |
[edit] Question
What means the sentence: "A firewall is also called a Border Protection Device (BPD), especially in NATO contexts, or packet filter in BSD contexts."? Especially what means NATO contexts in this case? Why the Link to the North Atlantic Treaty Organisation?
- I wondered about that as well. I suspect someone wanted to spice up the term "firewall" by using military vocabulary. For example, DMZ (de-militarized zone) is borrowed from military speak. I believe BPD is just a borrowed term as well. The NATO has nothing to do with the Internet and a BPD in real-life is just a fence or similar. "packet filter" seems to be BSD terminology and describes a simpler kind of firewall without bells and whistles. --82.141.57.90 04:31, 23 June 2006 (UTC)
-
- I do not think that the mention of firewalls being called "BPDs" is relevant, seeing as how a Google search for "Border Protection Device" brings up this page first, and almost everything after that is completely unrelated. Could someone please cite a reference instead of just entering information into Wikipedia without showing relevance? --- Randilyn 07:27, 23 December 2006 (UTC)
-
-
- If that's the consensus (and since I agree) I'll remove it while I'm hacking a bit at the article. - Paul 16:04, 30 March 2007 (UTC)
-
[edit] Another old comment
After you install a firewall, you should perform a Firewall Test to make sure your configuration is correct.
[edit] Application-layer firewall
The Article Application_layer_firewall should benefit from all the info given here. or maybe merged completely/made into a redirect. --Deelkar (talk) 22:58, 31 Jan 2005 (UTC)
- I agree. Merging a bunch of tightly-related short article to one decent one could make a decent feature. Do we need to propose a vote somehow? I'd merge into this article both Application layer firewall and Network layer firewall. I'd even consider adding Personal firewall (without the vendor list), Demilitarized zone (computing), the proposed XML Firewall, and anything useful from Bastion Host. --ScottDavis 11:19, 26 Feb 2005 (UTC)
[edit] RFC 1918
Quote "Administrators often set up such scenarios in an effort (of debatable effectiveness) to disguise the internal address or network." - That sounds somewhat far-fetched. I wonder whether the author of that sentence has read RFC 1918 at all. Furthermore, it's not a bad idea at all to have internal and external addresses. Otherwise, it'll be much more difficult to configure proper rules and policies. However, this has nothing to do with hiding or disguising the external routable IP addresses. Last but not least, the point of RFC 1918 is that the machines behind the router(s) might have no public IP addresses. Thus, this sentence should either be removed or explained in detail. --195.62.99.203 21:15, 13 Jun 2005 (UTC)
Agree, in fact a NAT device is generally the best network device a non-technical home networking user can deploy to protect their computers from hacking. If no objections posted, will remove the phrase Xaosflux 04:58, 11 November 2005 (UTC)
- Nonsense. NAT does not prevent hacking at all especially not for "non-technical" users which will happily download and execute random files from the internet. Let me cite the motivation of RFC 1918 "The Internet has grown beyond anyone's expectations. Sustained exponential growth continues to introduce new challenges. One challenge is a concern within the community that globally unique address space will be exhausted." Everything else is just a welcome or often rather unwelcome side-effect. --82.141.58.141 02:21, 24 June 2006 (UTC)
[edit] This is more like a How-To
It feels much more like a HOWTO page rather than an encyclopeda article
[edit] Request
Could someone write a comparison of packet filters? (ipchains, pf, IPFilter, ipfw, Netfilter/iptables) ~~helix84 01:25, 15 November 2005 (UTC)
Can someone include the origin of "firewall"? I'm curious to know how the term came about.
[edit] rb
Can someone find a link to a rendered animation about the workings of a firewall. From memory it's about 100Mb in size [no it isn't, it's about 73Mb] and shows the journey of packets into and through a firewall [at the very least]. Very educational. Sure is! Great work 'Warriors of the Net' ! thank you. I just can't remember where I saw it and I've searched with clusty and google images. Much appreciated for finding the link if someone could. Fret no more; go get it from here: Warriors of the Net —The preceding unsigned comment was added by 61.68.161.192 (talk • contribs) 03:46, August 20, 2006.
[edit] Suggestion
Could someone break down the OS platforms for each firewall implementation? It's not very useful to the casual reader not knowing which firewall goes with which OS. (ie: Linux, Windows, Mac... etc) —The preceding unsigned comment was added by 72.38.140.225 (talk • contribs) 08:34, September 19, 2006.
[edit] Morris Worm
This statement describes this virus/worm as still being a current problem today -- is this accurate?
"This virus known as the Morris Worm was carried by e-mail and is now a common nuisance for even the most innocuous domestic user." —The preceding unsigned comment was added by 75.7.44.13 (talk • contribs) 16:31, September 23, 2006.
[edit] Consumer Product Definitions of Firewall Types
I'm a consumer looking at the firewall descriptions of various DSL modems and routers, trying to compare different products and figure out what firewall features are available that I should look for. This Wikipedia article hasn't really clarified the situation for me.
One product says "Advanced security from hacker attacks with Stateful Packet Inspection (SPI) and Network Address Translation (NAT) firewalls".
Are those vague general terms, or exact specifications of firewall techniques that will be the same for any product that claims to do them? Statefully inspecting the packets for what -- the same things in any product that implements this? Is NAT really an active firewall, or just that the nature of a shared IP at the router device has this benefit?
One says "Protects PCs from Ping of Death, SYN Flood, Land Attack, IP Spoofing, and other DoS (Denial of Service) Attacks", another says protects against DoS attacks. Is product A better?
Etc. —The preceding unsigned comment was added by 75.6.235.68 (talk • contribs) 22:46, September 24, 2006.
[edit] Cleanup
Unless there are objections, I'd like to remove the lengthy lists and wikify comment boxes, or at least place them in the sections. Regardless, the article still needs work. Luis F. Gonzalez 17:50, 17 November 2006 (UTC)
- I agree, it's no use having a list of 'all' software/hardware firewalls. Maybe the most common ones (or any, it are just examples...) could be kept in the lists (let's say two or three per category).
[edit] Firewall architectures
I expected to find more about different firewall architectures here, but I didn't. More information about this can be found on this site. It's also great resource for anyone who would like to work on this article.--Bernard François 20:05, 19 January 2007 (UTC)
There are way too many "generations" in this article - a graphical interface does not a new generation make. IMHO. Of course ;-) I propose to trim the subsequent generations somewhat (and am renaming the section to "subsequent developments", in preparation). - Paul 16:35, 30 March 2007 (UTC)
[edit] Accuracy of Information
The information on the page is neither accurate nor useful. I suggest that this page be removed and re-done by a more experienced person who does work in this particular field. It would be unwise to allow such inaccurate information to ruin the reputation of Wikipedia.
Also, other more reliable sites have sometimes contradicted information on this site. This site states none of its sources, so it might have been made up or written from observations, not factual evidence. —The preceding unsigned comment was added by 58.179.138.69 (talk) 10:29, 22 February 2007 (UTC).
[edit] Firewall comparison link
I put a link to this comparison of free firewalls in the external links section, and it was removed about a day later. I think it's a good comparison, and while it does use wordpress, it's not a blog. The same articles could be put on a stand-alone site. This is the last I'll have to do with this, and I don't plan to argue for it after this post; if anyone else would like to add the link, that would be great.--Theymos 08:00, 9 March 2007 (UTC)
- Looks like a pretty clueless reviewer to me, I would prefer not endorsing this link. -- intgr 08:49, 9 March 2007 (UTC)
