Binary package “zorp” in ubuntu intrepid
An advanced protocol analyzing firewall
Zorp is a new generation firewall. It is essentially a transparent proxy
firewall, with strict protocol analyzing proxies, a modular architecture,
and fine-grained control over the mediated traffic. Configuration decisions
are scriptable with the Python based configuration language.
Zorp has been successfully deployed in demanding environments like the
protection of high traffic web sites, or the protection of large intranets.
Since the protocol analysis is strict and many of the common exploits
violate the application protocol they are injected into, a large percentage
of the attacks do not cross a Zorp based firewall even if the given service
In a labor environment we could fully saturate a 100MBit ethernet link, and
use up to about 600MBit of the bandwidth of an 1000MBit ethernet link. In
real life situations we saturated a 10MBit internet link with 500 parallel