08-24-2010
A firewall - out of principle - can only protect the network behind it, not the system it runs on itself *) and there are only two roles for any given network node, which are absolutely distinct: firewall or host. If a node acts as a firewall it must not work as a host and if it acts as a host it must not work as a firewall - period.
Having said this you might be looking for firewall software installable on AIX. There are several choices:
- IPSec has already been mentioned and is available since AIX 4.x. It is part of AIX and available for free.
- SecureWay was a firewall product for AIX 4.x and - i believe - for AIX 5L (as part of the Global Security Kit). It has been distributed by IBM and there is a redbook at IBM Redbooks.
- Commercial Products like the Check Point FireWall-1, for which also exists an IBM redbook.
I hope this helps.
bakunin
______
*) Corollary: all the "personal firewalls" sold with some popular graphical interrupt-handler (which misrepresents itself as an operating system) are simple packet filters, which do nothing to enhance any security but everything to enhance their vendors bank accounts. These "firewalls" just add some - utterly false - sense of security to the users experience. Stay away from those firewalls, the users of these and the underlying code waste dumps as well.
9 More Discussions You Might Find Interesting
1. Cybersecurity
Just out of curiosity, I see a lot of people here use Linux IPTables as their firewall.
Anyone here use something else like OpenBSD PF or *BSD IPF, IPFW?
I'm quite fond of OpenBSD and their Packet Filters. I find their syntax much easier to manage and from my personal experience, I find them... (5 Replies)
Discussion started by: tarballed
5 Replies
2. Cybersecurity
Would it be possible to restrict access to internet pages in the following way?
A machine:
IP = 128.1.17.123
Only pages from domains of the type "go.jp" and "ne.jp" are viewable. All others are not viewable or only partly viewable.
B machine:
IP = 128.1.17.146
Regardless of the domain... (4 Replies)
Discussion started by: mntamago
4 Replies
3. IP Networking
ON A LINUX NETWORK, HOW DO I ASSIGN IP ADDRESSES TO OTHER TERMINALS AND AFTER THAT HOW I CAN DENY/GRANT ACCESS TO TERMINALS ON A LAN TO MY TERMINAL.PLEASE SPECIFY THE EXACT COMMANDS.kINDLY HELP ME (3 Replies)
Discussion started by: ameya_shaligram
3 Replies
4. UNIX for Advanced & Expert Users
I have a PC with KUBUNTU installed on it and with 2NIC's on it (two PCI network 100Mbit cards). I want to use it as a server packet router and firewall between two computers with windows installed on them, each of this computer being connected to one different card on the KUBUNTU server. The... (1 Reply)
Discussion started by: meorfi
1 Replies
5. Cybersecurity
hi everyone
I am a newbee to firewall scripting. cannot understand how to write rules per host. in ip6tables.
anyone plz:( (2 Replies)
Discussion started by: xecutioner
2 Replies
6. Homework & Coursework Questions
Use and complete the template provided. The entire template must be completed. If you don't, your post may be deleted!
1. The problem statement, all variables and given/known data:
produce a report containing an iptable firewall definition for a system requproduce a report containing an... (0 Replies)
Discussion started by: boabbyrab
0 Replies
7. SuSE
Is there a command line interface to the firewall? (4 Replies)
Discussion started by: jgt
4 Replies
8. Linux
Dear All
I have put my windows machine behind my centos firewall server with just one NIC. At now, the windows machine can ping 192.9.9.3 but cannot resolve valid url (like www.google.com). I have set DNS for it as well. Can you please let me know what is the missing step?
Thank you (6 Replies)
Discussion started by: hadimotamedi
6 Replies
9. Cybersecurity
Hey Guys,
I am looking for a good firewall software to implement in medium/large office, with at least 150 users.
I was hopping you guys could help me on this one.
Regards, (4 Replies)
Discussion started by: andrevicente
4 Replies
LEARN ABOUT DEBIAN
welf_proxy2dlf
WELF_PROXY2DLF.IN(1) LogReport's Lire Documentation WELF_PROXY2DLF.IN(1)
NAME
welf_proxy2dlf - convert logs in WebTrends Enhanced Log Format to proxy DLF
SYNOPSIS
welf_proxy2dlf file
DESCRIPTION
welf_proxy2dlf converts firewall logs in the WebTrends Enhanced Log Format into the proxy DLF.
That format is defined at the following URL: http://www.netiq.com/partners/technology/welf.asp
This converter also supports the SonicWall extensions.
A list of firewall products that supports that format can be found at the following URL: http://www.netiq.com/products/fwr/compatible.asp
EXAMPLES
To process a log as produced by a WebTrends proxy:
$ welf_proxy2dlf < welf-proxy.log
welf_proxy2dlf will be rarely used on its own, but is more likely called by lr_log2report:
$ lr_log2report welf_proxy < /var/log/welf-proxy.log
IMPLEMENTATION NOTES
Welf log files contains information about many applications: proxies, packet filters, IDS. IDS and packet filters information is handled by
the firewall superservice, whereas the proxy information is handled by the proxy supersevice.
This converter will only convert records with a proto, src and dst field. All other records are ignored (they won't be ignored by the
firewall superservice).
SEE ALSO
Lire::WELF(3) welf2dlf(1)
AUTHORS
Francis J. Lacoste <flacoste@logreport.org>
VERSION
$Id: welf_proxy2dlf.in,v 1.8 2006/07/23 13:16:36 vanbaal Exp $
COPYRIGHT
Copyright (C) 2001 Stichting LogReport Foundation LogReport@LogReport.org
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program (see COPYING); if not, check with
http://www.gnu.org/copyleft/gpl.html.
Lire 2.1.1 2006-07-23 WELF_PROXY2DLF.IN(1)