Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Firewall
Operating Systems AIX Firewall Post 302447808 by bakunin on Tuesday 24th of August 2010 11:05:27 AM
Old 08-24-2010
A firewall - out of principle - can only protect the network behind it, not the system it runs on itself *) and there are only two roles for any given network node, which are absolutely distinct: firewall or host. If a node acts as a firewall it must not work as a host and if it acts as a host it must not work as a firewall - period.

Having said this you might be looking for firewall software installable on AIX. There are several choices:
  • IPSec has already been mentioned and is available since AIX 4.x. It is part of AIX and available for free.
  • SecureWay was a firewall product for AIX 4.x and - i believe - for AIX 5L (as part of the Global Security Kit). It has been distributed by IBM and there is a redbook at IBM Redbooks.
  • Commercial Products like the Check Point FireWall-1, for which also exists an IBM redbook.

I hope this helps.

bakunin

______
*) Corollary: all the "personal firewalls" sold with some popular graphical interrupt-handler (which misrepresents itself as an operating system) are simple packet filters, which do nothing to enhance any security but everything to enhance their vendors bank accounts. These "firewalls" just add some - utterly false - sense of security to the users experience. Stay away from those firewalls, the users of these and the underlying code waste dumps as well.
 

9 More Discussions You Might Find Interesting

1. Cybersecurity

What Firewall do you use?

Just out of curiosity, I see a lot of people here use Linux IPTables as their firewall. Anyone here use something else like OpenBSD PF or *BSD IPF, IPFW? I'm quite fond of OpenBSD and their Packet Filters. I find their syntax much easier to manage and from my personal experience, I find them... (5 Replies)
Discussion started by: tarballed
5 Replies

2. Cybersecurity

Looking Out from Behind a Firewall

Would it be possible to restrict access to internet pages in the following way? A machine: IP = 128.1.17.123 Only pages from domains of the type "go.jp" and "ne.jp" are viewable. All others are not viewable or only partly viewable. B machine: IP = 128.1.17.146 Regardless of the domain... (4 Replies)
Discussion started by: mntamago
4 Replies

3. IP Networking

Linux Firewall

ON A LINUX NETWORK, HOW DO I ASSIGN IP ADDRESSES TO OTHER TERMINALS AND AFTER THAT HOW I CAN DENY/GRANT ACCESS TO TERMINALS ON A LAN TO MY TERMINAL.PLEASE SPECIFY THE EXACT COMMANDS.kINDLY HELP ME (3 Replies)
Discussion started by: ameya_shaligram
3 Replies

4. UNIX for Advanced & Expert Users

routing and firewall

I have a PC with KUBUNTU installed on it and with 2NIC's on it (two PCI network 100Mbit cards). I want to use it as a server packet router and firewall between two computers with windows installed on them, each of this computer being connected to one different card on the KUBUNTU server. The... (1 Reply)
Discussion started by: meorfi
1 Replies

5. Cybersecurity

help with firewall

hi everyone I am a newbee to firewall scripting. cannot understand how to write rules per host. in ip6tables. anyone plz:( (2 Replies)
Discussion started by: xecutioner
2 Replies

6. Homework & Coursework Questions

firewall query

Use and complete the template provided. The entire template must be completed. If you don't, your post may be deleted! 1. The problem statement, all variables and given/known data: produce a report containing an iptable firewall definition for a system requproduce a report containing an... (0 Replies)
Discussion started by: boabbyrab
0 Replies

7. SuSE

Firewall

Is there a command line interface to the firewall? (4 Replies)
Discussion started by: jgt
4 Replies

8. Linux

Firewall?

Dear All I have put my windows machine behind my centos firewall server with just one NIC. At now, the windows machine can ping 192.9.9.3 but cannot resolve valid url (like www.google.com). I have set DNS for it as well. Can you please let me know what is the missing step? Thank you (6 Replies)
Discussion started by: hadimotamedi
6 Replies

9. Cybersecurity

Firewall

Hey Guys, I am looking for a good firewall software to implement in medium/large office, with at least 150 users. I was hopping you guys could help me on this one. Regards, (4 Replies)
Discussion started by: andrevicente
4 Replies

LEARN ABOUT DEBIAN

welf_proxy2dlf

WELF_PROXY2DLF.IN(1)					  LogReport's Lire Documentation				      WELF_PROXY2DLF.IN(1)

NAME

       welf_proxy2dlf - convert logs in WebTrends Enhanced Log Format to proxy DLF

SYNOPSIS

       welf_proxy2dlf file

DESCRIPTION

       welf_proxy2dlf converts firewall logs in the WebTrends Enhanced Log Format into the proxy DLF.

       That format is defined at the following URL: http://www.netiq.com/partners/technology/welf.asp

       This converter also supports the SonicWall extensions.

       A list of firewall products that supports that format can be found at the following URL: http://www.netiq.com/products/fwr/compatible.asp

EXAMPLES

       To process a log as produced by a WebTrends proxy:

	$ welf_proxy2dlf < welf-proxy.log

       welf_proxy2dlf will be rarely used on its own, but is more likely called by lr_log2report:

	$ lr_log2report welf_proxy < /var/log/welf-proxy.log

IMPLEMENTATION NOTES

       Welf log files contains information about many applications: proxies, packet filters, IDS. IDS and packet filters information is handled by
       the firewall superservice, whereas the proxy information is handled by the proxy supersevice.

       This converter will only convert records with a proto, src and dst field. All other records are ignored (they won't be ignored by the
       firewall superservice).

SEE ALSO

       Lire::WELF(3) welf2dlf(1)

AUTHORS

       Francis J. Lacoste <flacoste@logreport.org>

VERSION

       $Id: welf_proxy2dlf.in,v 1.8 2006/07/23 13:16:36 vanbaal Exp $

COPYRIGHT

       Copyright (C) 2001 Stichting LogReport Foundation LogReport@LogReport.org

       This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by
       the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

       This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
       MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.

       You should have received a copy of the GNU General Public License along with this program (see COPYING); if not, check with
       http://www.gnu.org/copyleft/gpl.html.

Lire 2.1.1							    2006-07-23						      WELF_PROXY2DLF.IN(1)
All times are GMT -4. The time now is 11:57 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy