|
|
|
|
|
|
by mike463
5690 days ago
|
|
|
Firewalls can protect you from a number of things because they deal with the entire stack at once, which tcpwrappers can't do. They can detect and take action against denial of service attacks, port scans and probes for known vulnerabilities.
They can manage incoming connections statefully. They can block outgoing connections (big one there), including replies from the stack that give away information you don't want to give away. They can also log what's going on. Really, the ideal system only responds to the one port you're serving (and should stop that if you DOS or probe the system). |
|
|