Security Portal: Ask Buffy - "owning" Apache, listing of port numbers and stateful firewallsDec 14, 2000, 08:53 (0 Talkback[s])
(Other stories by Buffy)
"This week we discuss IPSec issues; an FTP client that supports SSL; "owning" Apache; EML extensions; listing of port numbers; connecting a Linux machine to the Internet; and stateful firewalls."
"Who should own Apache? I have nobody as the owner and the group, but I'm not sure if this is safe or not...."
"I have had a discussion with a colleague about different types of firewalls. He scorned at my mentioning the Linux ipchains and said that ipchains is a stateless firewall, meaning (I figured) that a stateful firewall is more secure since it can trace individual connections instead of individual packets. I can understand the advantage of a stateful firewall for doing things like SSL in a load-balanced environment, but I do not see how it improves security. Would you say that a stateful firewall is a more secure technology (I am not talking about any particular implementation), and if it is, why?"