[CLUE-Tech] Of Security and Firewalls..
Jim Intriglia
jimintriglia at hotmail.com
Tue Mar 20 13:44:30 MST 2001
Well, we do have Starband (and Sprint Broadband wireless) service here, and
I believe that represents the future of Internet connectivity (wireless).
What's amazing is folks up here are still a bit shy of going the wireless
route (I was told by a Starband installer that he's done around 30 installs
in Evergreen, Conifer and Bailey) though they have been complaining about
slow dialup access in this area for years.
C-Band dishes abound here, so it's not the satellite approach I beleive that
is causing the slow adoption. Maybe more advertising and info is needed on
the service, as our local Radio Shack rep. is still a bit in the dark on the
whole thing.
-Jim
>From: Cyberclops <Cyberclops at hawaii.rr.com>
>Reply-To: clue-tech at clue.denver.co.us
>To: clue-tech at clue.denver.co.us
>Subject: Re: [CLUE-Tech] Of Security and Firewalls..
>Date: Mon, 19 Mar 2001 16:43:24 -1000
>
>Isn't it amazing that here in remote Hawaii, we have had cable modems
>for a long time, yet in High Tech Colorado, home of the marvelous DIA
>tent, they are hard to come by.
>
>Jim Intriglia wrote:
> >
> > I checked out ClarkConnect web site - it is very impressive and would
>meet
> > my Firewall, and Internet sharing needs (plus it is based on Red Hat
>V6.2
> > which is what I'm running here).
> >
> > The one challenge is that ClarkConnect requires a DSL/Cable Internet
> > connection, which here in Conifer is non-existant. In the ClarkConnect
> > discussion forum, there was a post that referenced Smoothwall
> > (smoothwall.org) for those of us needing similar functionality with
>dialup
> > access.
> >
> > The ClarkConnect site did have some useful resources on firewalls and
> > configuration, which I am reading through now.
> >
> > Re: IPCHAINS vs IPTABLES, this almost sounds like the CGI/Java Servlets
> > argument among web developers. (CGI was supposed to go away for a number
>of
> > reasons, with Java servlets being the preferred method for enterprise
> > development.) CGI is still very much evident in web development today.
>Thus,
> > it seems logical to start reading-up/learning IPCHAINS as well as
>IPTABLES.
> >
> > Thanks Roger and Brian; off to a good start.
> >
> > :-)
> >
> > -Jim
> >
> > >From: rfrank <rfrank at rfrank.net>
> > >Reply-To: clue-tech at clue.denver.co.us
> > >To: clue-tech at clue.denver.co.us
> > >Subject: Re: [CLUE-Tech] Of Security and Firewalls..
> > >Date: Mon, 19 Mar 2001 16:22:56 -0700
> > >
> > >On Monday 19 March 2001 15:11, you wrote:
> > > > Jim,
> > > >
> > > > I've had some of the same questions recently. I definitely agree
>that
> > > > IPTABLES is better and knowledge of such would be desired. For
>myself,
> > > > however, I also want to know and understand IPCHAINS well since I
>want
> > >to
> > > > be more involved in security and many systems in place are using the
>2.2
> > > > kernel. It sounds like you are just wanting something to protect
>your
> > >own
> > > > network, so I'd go with the latest and best.
> > > >
> > > > Brian Jarrett
> > >
> > >Well, my project this past week has been to understand firewalls,
>IPCHAINS
> > >as such. After manually crafting one machine to do the job, I took an
> > >orphan machine (an old 200 MHz box with a 1.6G hard drive) and decided
> > >to give ClarkConnect a try (www.clarkconnect.org). I am impressed.
> > >
> > >I downloaded an install diskette and an small (90 megabyte) iso
>download
> > >that I burned to CD. Then on the target machine I put in the floppy,
> > >booted
> > >it, put the CD in and sat back to watch. It installed just the subset
>of
> > >RH 6.2 that it needed plus ipchains and rc.firewall and portsentry and
> > >samba and netatalk and apache and a cacheing nameserver and ssh.
> > >It has everything there to turn on ftp and telnet if I want, and dhcpd
>too
> > >but I left those off. It is also doing masquerading and includes a
> > >web-based configuration tool. License is GPL.
> > >
> > >I logged in as root and compared my scripts with what ClarkConnect
> > >did for the same topology. My rc.firewall contained far fewer ipchains
> > >entries but other than that, I was pretty close. Then the fun began.
> > >I did a shields-up scan of my site (www.linuxclssroom.org) and
> > >the report was that the machine was cloaked: it had not only blocked
> > >the ports, it appeared as if it had dropped of the net. I checked the
> > >logs and sure enough, there it was as blocked. Sweet.
> > >
> > >Bottom line: learn all you can from net docs and helpful clue-techies
> > >and try ClarkConnect to learn more and to stay safely on-line.
> > >
> > >Roger Frank
> > >
> > >_______________________________________________
> > >CLUE-Tech mailing list
> > >CLUE-Tech at clue.denver.co.us
> > >http://clue.denver.co.us/mailman/listinfo/clue-tech
> >
> > _________________________________________________________________
> > Get your FREE download of MSN Explorer at http://explorer.msn.com
> >
> > _______________________________________________
> > CLUE-Tech mailing list
> > CLUE-Tech at clue.denver.co.us
> > http://clue.denver.co.us/mailman/listinfo/clue-tech
>_______________________________________________
>CLUE-Tech mailing list
>CLUE-Tech at clue.denver.co.us
>http://clue.denver.co.us/mailman/listinfo/clue-tech
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com
More information about the clue-tech
mailing list