A stealth firewall is a bridge that applies firewall rules to the packets passing through it. It is called "stealth" because a bridge is transparent to the machines using it: they can't tell that the machines in the subnet aren't all on the same physical LAN. This also means that you can insert and remove such a device without disruption to, or indeed any awareness by, the users of the network. The device itself doesn't even require any IP addresses of its own, so it can be truly invisible.
These are also sometimes called "transparent firewalls", "in-line firewalls" and (of course) "bridging firewalls".
There's an open source project (Hogwash) that seems to be dying right now, but LinuxWorld recently ran a good article about configuring something like this with ebtables.
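As an added illustration (not taken from this page or from the LinuxWorld article), the script below prints the iproute2 and ebtables commands for a two-port bridge that holds no IP address, drops frames by default and forwards only ARP plus one TCP service. The interface names `eth0` and `eth1`, the bridge name `br0` and port 443 are assumptions chosen for the example.

```shell
#!/bin/sh
# Added example: plan (and optionally apply) a two-port stealth bridge.
# eth0/eth1, br0 and TCP port 443 are assumed values, not from the article.

# Print the commands that build the bridge and its frame filter.
# $1 = outside NIC, $2 = inside NIC, $3 = bridge name, $4 = allowed TCP port
stealth_bridge_plan() {
    out_if=$1; in_if=$2; br=$3; port=$4

    # STP off: the bridge never emits BPDUs that would reveal its presence.
    echo "ip link add name $br type bridge stp_state 0"

    for nic in "$out_if" "$in_if"; do
        # Remove any layer-3 address so the box has nothing to answer on.
        echo "ip addr flush dev $nic"
        echo "ip link set dev $nic master $br"
        echo "ip link set dev $nic up"
    done
    echo "ip link set dev $br up"

    # Default-deny: INPUT/OUTPUT keep the bridge host itself silent,
    # FORWARD decides what may cross between the two ports.
    echo "ebtables -F"
    echo "ebtables -P INPUT DROP"
    echo "ebtables -P OUTPUT DROP"
    echo "ebtables -P FORWARD DROP"

    # ARP must pass or hosts on either side cannot resolve each other.
    echo "ebtables -A FORWARD -p ARP -j ACCEPT"

    # ebtables is stateless, so the reply direction needs its own rule.
    # --ip-proto 6 is TCP.
    echo "ebtables -A FORWARD -i $out_if -o $in_if -p IPv4 --ip-proto 6 --ip-dport $port -j ACCEPT"
    echo "ebtables -A FORWARD -i $in_if -o $out_if -p IPv4 --ip-proto 6 --ip-sport $port -j ACCEPT"
}

# Default is a dry run that only prints the plan; "apply" runs it (needs root).
if [ "${1:-}" = "apply" ]; then
    stealth_bridge_plan eth0 eth1 br0 443 | sh -e
else
    stealth_bridge_plan eth0 eth1 br0 443
fi
```

Because no address is ever assigned, the bridge can only be managed from its console or from a separate NIC that is not a bridge port.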
More Articles by Tony Lawrence © 2009-11-07 Tony Lawrence
stealth firewall,ebtables: Tech Words of the Day Copyright © February 2005 Tony Lawrence