Hi,
Just wanted to find out if anyone can help me figure something out...
I'm under the understanding that a linux system using its ipchains rule sets can not tell the difference between traffic on its ports?
where as OpenBSD's PF can.
My first question is.
Lets suppose every port is nailed down tight on a linux system, except port 80
someone with know how could possibly use ssh over port 80 and send files via a secure copy to a foreign server using encryption over an open (or any port) punching right through a firewall.
Would PF provide any better protection against that?
the other question I had was if anyone knew of a resource that provides a good comparison between the capabilities and short comings of a linux based system vs OpenBSD's PF? (everything I found was out of date)
Thanks,