John Colby
jwcolby at ColbyConsulting.com
Mon Oct 10 16:36:04 CDT 2005
pctech at mybellybutton.com

I take it you want to be known as pctech at mybellybutton.com? I have to assume that if you can figure out how to do software firewalls you can figure out how to do signatures?

>Actually, using a "live" CD it WOULD be trivial to build a firewall based on a "boot CD". But would you REALLY want to? Think about it. That "live" CD wouldn't have updates on it. This means you'd have to have a new "live" CD every time that you wanted to update the OS on the firewall.

I don't want to have to update the OS on the firewall. I don't want to know that the firewall exists. I currently own a Dlink 624. Once a year or so I go download any firmware updates, over the web. Pretty much click, click, I am done. Other than that I pay no attention to it.

I do not consider myself closed minded. I downloaded (about two years ago) one of the Linux distros. I got it working. I even downloaded and installed OfficeStar. I know it is getting easier and easier. None of which means I personally want to do that stuff.

I think you have an agenda (to have people build a firewall themselves). I do not (at least in this area). I don't care if you set up a spare PC as a firewall, or teach others how. I don't care if Rocky goes out and buys a multi-hundred dollar "out of the box" solution, or builds your custom firewall, or uses some software firewall, or indeed, if he uses nothing at all. I just don't care.

However... I have been in computers since 1972. I know enough to know that whether it is Windows, or Linux, or VMS, or CPM, if something goes wrong it takes digging to figure out what is happening. The more you know about the OS, the less digging it takes. I know that things DO go wrong, and the less you know, the more likely something WILL go wrong.

I personally know nothing about Linux. I don't want to know anything about Linux. I am CAPABLE of learning enough to do what you propose, I just don't WANT to.
The very fact that you are discussing OS updates tells me I don't want to. Additionally, I think the effort to do so is not in proportion to any risk I might be taking by not doing so.

>However when someone that doesn't do this for a living tries to correct me on something that I do on a daily basis, I will correct them.

I am not attempting to correct you, I am stating an opinion, which I believe I very clearly stated. My opinion still is, that setting up and MAINTAINING a custom firewall is a non-trivial task. Getting it running is no doubt the easiest part of the project. Setting up a complex SQL Server database is non-trivial, but even if you get it set up, MAINTAINING it is beyond the capability of anyone not trained in SQL Server.

THAT is my point. Things happen. Handling those things requires training. If this firewall sits in the corner and never needs to be touched, then we are back to "give me a disk that I can install it with" and I will do so. You can't have it both ways, either it is no maintenance and I can just load the disk and go (and leave it humming in the corner for the next 10 years), or things happen and I will have to deal with them. I don't WANT to deal with them.

>Without the screen shots, the document itself is less than 30 pages.

In none of your emails so far have you offered up this document, in fact you seemed to indicate it was not really in a state to share. Do you need a place to post it? I just happen to have a brand new web site (part of what I spend MY time doing) where I can offer a page to you to put this document on if you care to publish it. I can also put the document itself up with a hotlink so anyone who desires to do so can download the entire thing.

I am always happy to help you assist anyone who is interested in doing something like this.

John W. Colby
www.ColbyConsulting.com

Contribute your unused CPU cycles to a good cause:
http://folding.stanford.edu/

Actually, using a "live" CD it WOULD be trivial to build a firewall based on a "boot CD". But would you REALLY want to? Think about it. That "live" CD wouldn't have updates on it. This means you'd have to have a new "live" CD every time that you wanted to update the OS on the firewall. This is a non-starter without some sort of subscription service. This sorta defeats the whole purpose.

Without the screen shots, the document itself is less than 30 pages. The screen shots themselves take up a lot of real estate in the document. The screen shots were done with usability in mind. How many times have you read a book on something and thought, "I wish I could see what they were talking about"? These screen shots obviate that statement.

You misunderstand. You think I am taking it personal. I'm not. However when someone that doesn't do this for a living tries to correct me on something that I do on a daily basis, I will correct them. Just as I'd expect that you would if I were to make some off-base development comment. You are the one that seems close-minded about this, without even having seen the document, I might add.

--
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com