It is quite obvious. If the device doesn't have a Layer 3 address, it cannot be attacked on Layer 3.

However, usually bridging firewalls have a layer 3 address for monitoring and management purposes, and it causes some vulnerability to the solution.

The most important factor of bridging firewalls is that they can be totally transparent to other devices (both in layer 2 and 3), which will make it a lot harder to get the actual network topology of the environment. Because of that, it can also cause some headache to network troubleshooting.

So, to answer your question: a bridging firewall has an advantage against a routing firewall in this security aspect. However, there are many other things to consider, and this is not the most important one and not even so close to the top.

rgds,
Harri

-----Original Message-----
From: ext Georges J. JAHCHAN, P. Eng. [mailto:[EMAIL PROTECTED]]
Sent: Friday, April 12, 2002 09:59
To: Firewalls List
Subject: Bridging vs. Routing Firewalls.

A manufacturer of bridging firewalls (which are also capable of operating as static routing devices) claims that using their firewalls in bridging mode is more secure than in routing mode.

Their reasoning is that in bridging mode, the device's Ethernet interfaces do not need to be assigned IP addresses, thus the box itself is immune to hacking. Also, any MAC address which moves from one interface to another is blocked, until cleared by the administrator (though this feature can be disabled).

Is there any truth to the claim of a higher level of security (all else being equal)?

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
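
The MAC-move lockout mentioned in the original question, sketched as an added example that is not part of the thread and is not any vendor's code. The class name, port names and MAC addresses are constructed, and the choice to drop a locked-out MAC on every port until it is cleared is an assumption.

```python
"""Bridge-mode "MAC move" lockout, modelled as a small state machine."""


class MacMoveGuard:
    def __init__(self, lockout_enabled=True):
        self.lockout_enabled = lockout_enabled  # the feature can be disabled
        self.table = {}     # MAC -> port where it was first learned
        self.blocked = {}   # MAC -> (learned_port, port_it_moved_to)

    def observe(self, mac, port):
        """Return 'forward' or 'drop' for a frame with source `mac` on `port`."""
        mac = mac.lower()
        if mac in self.blocked:
            return "drop"                     # stays blocked until cleared
        learned = self.table.setdefault(mac, port)
        if learned == port:
            return "forward"
        if not self.lockout_enabled:
            self.table[mac] = port            # ordinary learning bridge: relearn
            return "forward"
        self.blocked[mac] = (learned, port)   # assumption: blocked on all ports
        return "drop"

    def clear(self, mac):
        """Administrator action: forget the MAC so it can be relearned."""
        mac = mac.lower()
        self.table.pop(mac, None)
        return self.blocked.pop(mac, None) is not None


def replay(frames, guard):
    """Run (mac, port) observations through the guard and collect decisions."""
    return [guard.observe(mac, port) for mac, port in frames]


# Constructed sample traffic: a host on eth0, then the same MAC seen on eth1.
FRAMES = [
    ("00:11:22:33:44:55", "eth0"),
    ("00:11:22:33:44:55", "eth0"),
    ("00:11:22:33:44:55", "eth1"),  # MAC moved: locked out
    ("00:11:22:33:44:55", "eth0"),  # still dropped, even on the original port
    ("66:77:88:99:aa:bb", "eth1"),  # unrelated host is unaffected
]

if __name__ == "__main__":
    guard = MacMoveGuard()
    print(replay(FRAMES, guard))
    print(guard.blocked)
```

With the lockout disabled the same traffic is forwarded throughout, which is the behaviour of a plain learning bridge.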
