Operating Systems > Linux and UNIX
Linux vs Windows a real life comparison
toadlife:
--- Quote from: piratePenguin ---Can't iptables do it? Or does it only work for the local network?
http://www.cyberciti.biz/nixcraft/vivek/blogger/2005/12/iptables-mac-address-filtering.php
--- End quote ---
iptables can filter by MAC, but it's useless for traffic that comes from outside of the local network, because the MAC addresses are only held by switches to map physical data ports to ip addresses. Computers and routers also hold MAC>IP translation caches, but this is only to determine if the data they are sending is detined for the local network, and in the case of routers, to decide which route is the best for a packet. Computers and routers find out MAC addresses by sending out ARP requests on the network. ARP requests are broadcasts (every machine on the local recieves the request), and therefore are not routed. So when a packet comes in from an outside network, iptables can send out an arp request asking for the MAC address of the souce IP, but it will get no answer because the source machine that sent the packet is not on the local network.
toadlife:
I really son't see the beef you guys have with the Windows firewall. It was meant for ONE purpose - to stop WORMS from coming in. Right now, it does that job perfectly. It allows you to block IP addresses, and subnets, open ports and specificy which ,machines or subnet have access to those ports and also does incoming application based filtering. No, it doesn't have all the features of Iptrables, or pf, or ipfw, but these features are avaiable for free via third party apps and you know as well as I do that Microsoft including a full featured firewall with Windows would stir up a load of Anti-trust crap.
piratePenguin:
--- Quote from: toadlife ---I really son't see the beef you guys have with the Windows firewall. It was meant for ONE purpose - to stop WORMS from coming in. Right now, it does that job perfectly. It allows you to block IP addresses, and subnets, open ports and specificy which ,machines or subnet have access to those ports and also does incoming application based filtering. No, it doesn't have all the features of Iptrables, or pf, or ipfw, but these features are avaiable for free via third party apps and you know as well as I do that Microsoft including a full featured firewall with Windows would stir up a load of Anti-trust crap.
--- End quote ---
Who cares what Microsoft wanted to achieve with the Windows firewall, what matters is that it sucks, or at least that it's no iptables (whether Microsoft wanted something comparable to iptables or not).
If Microsoft lands in another anti-trust trial for including something that is actually useful, tough shit for them.
I guess in the next anti-trust trial they can bitch about being so kind as to not including a decent firewall in Windows.
H_TeXMeX_H:
--- Quote from: toadlife ---I really son't see the beef you guys have with the Windows firewall. It was meant for ONE purpose - to stop WORMS from coming in. Right now, it does that job perfectly. It allows you to block IP addresses, and subnets, open ports and specificy which ,machines or subnet have access to those ports and also does incoming application based filtering. No, it doesn't have all the features of Iptrables, or pf, or ipfw, but these features are avaiable for free via third party apps and you know as well as I do that Microsoft including a full featured firewall with Windows would stir up a load of Anti-trust crap.
--- End quote ---
so a firewall is defined as "something that stops worms" ? or does it need a little more than that in order to be called a 'firewall' ? rather than a 'wormstopper' ? Oh and I can testify that it stops about as many worms as it can ... but most of them still get though ... at least that's what other anti-virus programs indicated
toadlife:
--- Quote from: H_TeXMeX_H ---so a firewall is defined as "something that stops worms" ? or does it need a little more than that in order to be called a 'firewall' ? rather than a 'wormstopper' ?
--- End quote ---
A firewall is a device or software that processes and takes action on IP packets after checking them against a list of rules.
--- Quote ---Oh and I can testify that it stops about as many worms as it can ... but most of them still get though ... at least that's what other anti-virus programs indicated
--- End quote ---
And I can testify that you are one of the most ignorant, fanboiish people (that's saying a lot) on this forum...at least that's what your posts have indicated.:thumbup:
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version