[CLUE-Tech] Of Security and Firewalls..

Jim Intriglia jimintriglia at hotmail.com
Tue Mar 20 13:44:30 MST 2001 

Well, we do have Starband (and Sprint Broadband wireless) service here, and 
I believe that represents the future of Internet connectivity (wireless).

What's amazing is folks up here are still a bit shy of going the wireless 
route (I was told by a Starband installer that he's done around 30 installs 
in Evergreen, Conifer and Bailey) though they have been complaining about 
slow dialup access in this area for years.

C-Band dishes abound here, so it's not the satellite approach I beleive that 
is causing the slow adoption. Maybe more advertising and info is needed on 
the service, as our local Radio Shack rep. is still a bit in the dark on the 
whole thing.

-Jim

>From: Cyberclops <Cyberclops at hawaii.rr.com>
>Reply-To: clue-tech at clue.denver.co.us
>To: clue-tech at clue.denver.co.us
>Subject: Re: [CLUE-Tech] Of Security and Firewalls..
>Date: Mon, 19 Mar 2001 16:43:24 -1000
>
>Isn't it amazing that here in remote Hawaii, we have had cable modems
>for a long time, yet in High Tech Colorado, home of the marvelous DIA
>tent, they are hard to come by.
>
>Jim Intriglia wrote:
> >
> > I checked out ClarkConnect web site - it is very impressive and would 
>meet
> > my Firewall, and Internet sharing needs (plus it is based on Red Hat 
>V6.2
> > which is what I'm running here).
> >
> > The one challenge is that ClarkConnect requires a DSL/Cable Internet
> > connection, which here in Conifer is non-existant. In the ClarkConnect
> > discussion forum, there was a post that referenced Smoothwall
> > (smoothwall.org) for those of us needing similar functionality with 
>dialup
> > access.
> >
> > The ClarkConnect site did have some useful resources on firewalls and
> > configuration, which I am reading through now.
> >
> > Re: IPCHAINS vs IPTABLES, this almost sounds like the CGI/Java Servlets
> > argument among web developers. (CGI was supposed to go away for a number 
>of
> > reasons, with Java servlets being the preferred method for enterprise
> > development.) CGI is still very much evident in web development today. 
>Thus,
> > it seems logical to start reading-up/learning IPCHAINS as well as 
>IPTABLES.
> >
> > Thanks Roger and Brian; off to a good start.
> >
> > :-)
> >
> > -Jim
> >
> > >From: rfrank <rfrank at rfrank.net>
> > >Reply-To: clue-tech at clue.denver.co.us
> > >To: clue-tech at clue.denver.co.us
> > >Subject: Re: [CLUE-Tech] Of Security and Firewalls..
> > >Date: Mon, 19 Mar 2001 16:22:56 -0700
> > >
> > >On Monday 19 March 2001 15:11, you wrote:
> > > > Jim,
> > > >
> > > > I've had some of the same questions recently.  I definitely agree 
>that
> > > > IPTABLES is better and knowledge of such would be desired.  For 
>myself,
> > > > however, I also want to know and understand IPCHAINS well since I 
>want
> > >to
> > > > be more involved in security and many systems in place are using the 
>2.2
> > > > kernel.  It sounds like you are just wanting something to protect 
>your
> > >own
> > > > network, so I'd go with the latest and best.
> > > >
> > > > Brian Jarrett
> > >
> > >Well, my project this past week has been to understand firewalls, 
>IPCHAINS
> > >as such.  After manually crafting one machine to do the job, I took an
> > >orphan machine (an old 200 MHz box with a 1.6G hard drive) and decided
> > >to give ClarkConnect a try (www.clarkconnect.org).  I am impressed.
> > >
> > >I downloaded an install diskette and an small (90 megabyte) iso 
>download
> > >that I burned to CD.  Then on the target machine I put in the floppy,
> > >booted
> > >it, put the CD in and sat back to watch.  It installed just the subset 
>of
> > >RH 6.2 that it needed plus ipchains and rc.firewall and portsentry and
> > >samba and netatalk and apache and a cacheing nameserver and ssh.
> > >It has everything there to turn on ftp and telnet if I want, and dhcpd 
>too
> > >but I left those off.  It is also doing masquerading and includes a
> > >web-based configuration tool.  License is GPL.
> > >
> > >I logged in as root and compared my scripts with what ClarkConnect
> > >did for the same topology.  My rc.firewall contained far fewer ipchains
> > >entries but other than that, I was pretty close.  Then the fun began.
> > >I did a shields-up scan of my site (www.linuxclssroom.org) and
> > >the report was that the machine was cloaked: it had not only blocked
> > >the ports, it appeared as if it had dropped of the net.  I checked the
> > >logs and sure enough, there it was as blocked.  Sweet.
> > >
> > >Bottom line: learn all you can from net docs and helpful clue-techies
> > >and try ClarkConnect to learn more and to stay safely on-line.
> > >
> > >Roger Frank
> > >
> > >_______________________________________________
> > >CLUE-Tech mailing list
> > >CLUE-Tech at clue.denver.co.us
> > >http://clue.denver.co.us/mailman/listinfo/clue-tech
> >
> > _________________________________________________________________
> > Get your FREE download of MSN Explorer at http://explorer.msn.com
> >
> > _______________________________________________
> > CLUE-Tech mailing list
> > CLUE-Tech at clue.denver.co.us
> > http://clue.denver.co.us/mailman/listinfo/clue-tech
>_______________________________________________
>CLUE-Tech mailing list
>CLUE-Tech at clue.denver.co.us
>http://clue.denver.co.us/mailman/listinfo/clue-tech

_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com

More information about the clue-tech mailing list