>I have chucked the issue but my recollection is that the magazine
>(British edition) tested IPNet Sentry - which *is* a firewall - and
>IPNetRouter, with which it is usually sold and the two used together. The
>performance was actually worse than Apple's own firewall, although that
>of course is OSX only.

I'd be interested in knowing what they tested for. I thought IPNetRouter in OS X was nothing more than a nice front end to ipfw in OS X. In other words, I wouldn't have expected it to do any worse (or better) than Apple's firewall solution (which is also just a nice front end to ipfw). I guess I was mistaken and IPNetRouter is an entirely self-contained IP solution.

I don't know much about the OS X version of IPNetSentry. I used IPNS on my iMac for a while back when they first released it. It didn't do much except report periodically that someone was trying to access ports on my iMac (which of course could have safely gone ignored since I wasn't running anything on the machine that used those ports anyway... this was back with OS 8.x).

>Seems to me that the risks are pretty moderate for dial-up users, but
>potentially much greater when permanently connected via cable. At the
>least I would like to see all ports stealthed. Sustainable Software's
>offering does not offer that protection.

That's odd... I ran IPNetRouter for a long time at work, and it always stealthed all ports that I did not specifically open for forwarding. However, if they checked for port stealth while using IPNetSentry, AND they complained that was a failed feature, then they simply didn't understand what IPNetSentry does. Last I knew, it wasn't supposed to stealth ports; instead, it acted as a honey pot to allow hack attempts to be isolated and then drop entirely off the network from them.

A honey pot is when a firewall deliberately leaves a typical intrusion point open for monitoring. That way, script kiddies will hit the honey pot, the firewall logs the IP, and then ignores all traffic of any kind from that IP for whatever duration the admin tells it.

These are useful when you have to leave certain ports open for services (such as a web host), and you don't know in advance what IP addresses will be used to access the services (such as when hosting a public web site), but you want to be able to have a better chance of stopping people that appear to be up to no good.

-chris
<http://www.mythtech.net>
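
The trap-and-ban behaviour described in the message above, as an added example that is not part of the original post and is not IPNetSentry's own code. The class name, port numbers, ban duration and addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class TrapPortFilter:
    """Hypothetical model of a honey-pot style filter (not a real product API)."""
    service_ports: set   # ports deliberately open for real services
    trap_ports: set      # ports no legitimate client uses; a hit marks the source
    ban_seconds: int     # how long the admin wants a marked source ignored
    banned_until: dict = field(default_factory=dict)  # source IP -> ban expiry time
    trap_log: list = field(default_factory=list)      # (time, source, port) per trap hit

    def decide(self, now, src, dport):
        """Return the verdict for one inbound connection attempt."""
        expiry = self.banned_until.get(src)
        if expiry is not None:
            if now < expiry:
                return "drop-banned"     # all traffic from a banned source is ignored
            del self.banned_until[src]   # ban has run out; treat the source normally
        if dport in self.trap_ports:
            self.trap_log.append((now, src, dport))
            self.banned_until[src] = now + self.ban_seconds
            return "trap-hit-banned"
        if dport in self.service_ports:
            return "allow"
        return "drop-closed"

def replay(filt, events):
    """Run (time, source, port) events through the filter in order."""
    return [filt.decide(t, src, port) for t, src, port in events]

# Constructed sample traffic using documentation address ranges, not real logs.
EVENTS = [
    (0,   "192.0.2.10",   80),    # ordinary visitor to the public web server
    (5,   "203.0.113.7",  23),    # touches a trap port and gets banned
    (6,   "203.0.113.7",  80),    # same source tries the web server: ignored
    (7,   "192.0.2.10",   80),    # unrelated visitor is unaffected
    (8,   "198.51.100.4", 8080),  # port that is neither a service nor a trap
    (400, "203.0.113.7",  80),    # 300 s ban has expired by now
]

if __name__ == "__main__":
    filt = TrapPortFilter(service_ports={80}, trap_ports={23, 139}, ban_seconds=300)
    for event, verdict in zip(EVENTS, replay(filt, EVENTS)):
        print(event, verdict)
```

The sixth event shows the trade-off of a timed ban: once the duration set by the admin runs out, the source is treated like any other until it touches a trap port again.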

