[ml] Firewall Builder

[ Home | Liste | F.A.Q. | Risorse | Cerca... ]

[ Data: precedente | successivo | indice ] [ Argomento: precedente | successivo | indice ]

Archivio: Giugno 2004 ml@sikurezza.org
Soggetto: [ml] Firewall Builder
Mittente: Lonelyw0lf
Data: Fri, 25 Jun 2004 13:15:52 +0200 (CEST)

Salve a tutta LA ml.

Qui in stage mi sono appena imbattuto in questo firewall builder, che sembra
interessante dal punto di vista di manutenibilità e gestione e ho pensato di
segnalarlo.
Fondamentalmente è una GUI (gtk) .. anzi, pasto direttamente :)

"...Firewall Builder consists of an object-oriented GUI and a set of policy
compilers for various firewall platforms. In Firewall Builder, a firewall
policy is a set of rules; each rule consists of abstract objects that
represent real network objects and services (hosts, routers, firewalls,
networks, protocols). Firewall Builder helps users maintain a database of
objects and allows policy editing using simple drag-and-drop operations. 

Preferences and object databases are stored in XML format. The GUI and
policy compilers are completely independent. The GUI requires only minimal
changes in order to add support for a new firewall platform even though a
new policy compiler must be written. This provides for a consistent abstract
model and the same GUI for different firewall platforms. Standardized XML
data format opens possibility for many user interfaces and policy compiler
implementations, all interchangeable. 

We have policy compilers for the popular free firewalls iptables
http://www.iptables.org/, ipfilter http://coombs.anu.edu.au/~avalon/, pf
http://www.benzedrine.cx/pf.html. Because of the modular architecture,
Firewall Builder can be used to manage firewalls built on a variety of
platforms including, but not limited to, Linux using iptables, ipfilter on
FreeBSD or Solaris and pf on OpenBSD. 

The GUI is written using GTK-- and does not require any Gnome libraries. 

An interactive "Druid" facilitates easy kick-start. Basically, to start, one
should create objects for the firewall and internal network and then use the
druid. It will ask a few questions and then build a basic skeleton policy,
which can be edited manually. The same druid can be used to add specific
"standard" rules later on...."


Sul sito potete vedere anche degli screenshot.
(http://www.firewallbuilder.org)

Qui invece trovate un paio di tabelline che mostrano per quali prodotti
genera le relative regole e i relativi OS ovviamente:

http://www.fwbuilder.org/archives/cat_faq.html#AEN30

Saluti

___________
Lonely Wolf 
 --
 Email.it, the professional e-mail, gratis per te: http://www.email.it/f
 
 Sponsor:
 Incredibile offerta: 18 eccellenti vini Giordano + 7 gustose specialità
alimentari compreso un carrello dispensa o una batteria di pentole.

 Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=2619&d=20040625

Messaggi successivi:
- Re: [ml] Firewall Builder, Flavio Visentin
- Re: [ml] Firewall Builder, Stefano Zanero

Data:
- precedente: [ml] R:Internet banking security hole, Tessarollo Franco
- successivo: Re: Re: [ml] ARP spoofing, crwm
- indice

Argomento:
- precedente: [ml] R:Internet banking security hole, Tessarollo Franco
- successivo: Re: [ml] Firewall Builder, Stefano Zanero
- indice

[ Home | Liste | F.A.Q. | Risorse | Cerca... ]

www.sikurezza.org - Italian Security Mailing List
(c) 1999-2005