John Colby
jwcolby at ColbyConsulting.com
Mon Oct 10 20:38:09 CDT 2005
Cool. Best of luck in learning all that stuff. If you discover a first class firewall that is a load and forget, and as easy to use (or preferably easier) than a dlink etc., do let me know. PCTech at BellyButton is not the first to insist this is The Way. I have no intention of becoming a Linux geek nor a firewall geek in order to get such a thing, but if it is indeed load and forget, then it is definitely for me. John W. Colby www.ColbyConsulting.com Contribute your unused CPU cycles to a good cause: http://folding.stanford.edu/ -----Original Message----- From: accessd-bounces at databaseadvisors.com [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Karen Rosenstiel Sent: Monday, October 10, 2005 6:03 PM To: 'Access Developers discussion and problem solving' Subject: Re: [AccessD] OT: Firewall John (and all), I just bought a copy of the new distro of Mandriva (formerly Mandrake)at Barnes & Noble and installed it on an old PIII box with 512m of ram. Installed like a breeze. It read and set up my LAN, my printer and all the hardware very easily. I had previously been trying to learn Linux with Red Hat Ver. 9 and then Fedora, but it was a PITA. Mandriva didn't take any longer than Windows XP either. You can set it up as a DHCP server with firewall or DSN server or whatever. The magazine that came with the distro -- from Linux Format -- had a step-by-step install guide with tutorials and it included a Linux quick reference wall chart. As you can tell, I was pretty impressed. Cost $20 but might be worth your while to look at. Regards, Karen Rosenstiel Seattle WA USA -----Original Message----- From: accessd-bounces at databaseadvisors.com [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of John Colby Sent: Monday, October 10, 2005 12:17 PM To: 'Access Developers discussion and problem solving' Subject: Re: [AccessD] OT: Firewall PCTech, First let me say that signatures are a good thing. We know what you like to be called and can address you that way. Second, I understand the "dedicated firewall" mentality, but for Joe Average (me!) it is a non starter. The effort involved in learning enough just to get Linux installed is enough to kill the concept. I have done that much and all by itself it was enough to give me pause. Believe me, I read about such things and wish... But it ain't happening. What is simple to a "computer network engineer" is pretty much Greek to me. And finally, what you are discussing is what high end routers with REAL SPI etc firewalls built-in are all about are they not? It is my understanding that they are exactly that, real processors, running Linux, implementing a firewall. No hard disk to fail, no video to deal with, turns back on after a power failure, instant on, etc. I would be much more likely to go do that than spend the time and effort building a Linux box to implement a firewall. Even here, the difference between the $50 I actually spent and the $200 I would need to spend for the real McCoy prevented that. The simple router / NAT / firewall combination by itself pretty much prevents the external probing kind of stuff (unless you have port mapping / run a web server etc), and then the AV and software firewall picks up the pieces not handled. I have run this combination since going broadband about 4 years ago and have never had an infection, so I guess I have to say that is "good enough". I hate it when people rain on my parade, but I have considered this idea several times in the past and just said no way it was going to really happen. OTOH, if you put together a "put in this CD, reboot and you will have a hardware firewall" kind of package, I might be persuaded to try it. John W. Colby www.ColbyConsulting.com -- AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com