Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 18th March 2013
phyro phyro is offline
Port Guard
Join Date: Sep 2010
Posts: 27
Default pf filtering


Just wanted to find out if anyone can help me figure something out...

I'm under the understanding that a linux system using its ipchains rule sets can not tell the difference between traffic on its ports?

where as OpenBSD's PF can.

My first question is.

Lets suppose every port is nailed down tight on a linux system, except port 80
someone with know how could possibly use ssh over port 80 and send files via a secure copy to a foreign server using encryption over an open (or any port) punching right through a firewall.

Would PF provide any better protection against that?

the other question I had was if anyone knew of a resource that provides a good comparison between the capabilities and short comings of a linux based system vs OpenBSD's PF? (everything I found was out of date)

Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Content Filtering with OpenBSD alpha202ej OpenBSD Security 4 21st December 2011 01:38 PM
PF - packets filtering by length? magnesik OpenBSD Security 3 3rd July 2011 12:46 PM
What tool for dynamic I.P filtering unixjingleman OpenBSD Security 1 2nd March 2011 11:31 AM
Web content filtering Crypt FreeBSD Security 14 14th December 2008 02:38 PM

All times are GMT. The time now is 08:51 PM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick