>> You're correct. A firewall cannot block viruses.
Quote:> a packet filter can't, but an application level content screening system
> can. it's just very hard to do. this is usually done by proxy firewalls.
Indeed. But it is not very hard to do, only expensive.
A lot of people mistake a packet filter (such as ipchains or ipfilter)
for a firewall. A firewall is more of a concept, using packet filtering
_together_ with proxying, and email and content filtering.
A good firewall consists of more than one component, such as routers,
proxies, and (stateful) packet filters.
"This is not an attack! It is a pre-emptive retaliation."