January 2006 Archives

My friend and associate Aaron writes:

Hey I was wondering if you had any experience with the SmoothWall firewall? Seems that a lot of techie people like it and it's open source, and it's GUI.

Its all IPTABLES to me Aaron.

But no, I hadn't heard of SmoothWall, thanks for the pointer.

There are lots of different scripts (Bastille, Linux Firewall IPcop, etc.) to set them up, but what I always wonder is why does an end user need to configure a firewall?

In other words, the scripts automate starting and stopping IPTABLES and manipulating the chains. But who needs the warm friendly automation? I know IPTABLES is in the background, and I know how to manipulate and save chains from the CLI.

I am always interested to see what different scripts do. At the home office here, I am currently using Trustix Firewall 4.7. This is the software part of a very sweet looking hardware platform, XSentry.

Which has a warm fuzzy Java GUI that runs on Windows. I am very interested to see their way to setup the NAT. I always use mangling, and sometimes if I am in a hurry, MASQ; but they are actually allowing these packets across the FORWARD chain on a selective basis.

to whom it may concern.
Traveling twice the speed of sound, it's easy to get burned.

To paraphrase Crosby Stills Nash and Young, In today's gigabit fiber optic networked world of businesses ranging in size from the independent contractor to mega-corps, its easy to make mistakes. Probably one of the easiest and most tempting for businesses may be to send unsolicited commercial email. Its so easy, and the temptation is great to think that since yours is a reputable business, or perhaps because we have done business in the past that I won't mind your pitch. You're wrong.

I recently paid to surface mail each of my customers a link to a promotion on my web site. I don't pay for my customer's bandwidth, so why should they pay for my advertisements? And I kind of expect the same courtesy from people who want to sell me stuff. (Although I gleefully return unsolicited postal mail too, and I always send the advertisements that come with the bills back with my payments.)

In my capacity as hostmaster, postmaster and chief bottle washer, I catch "reputable" businesses all the time, and I am amazed at the excuses they will come up with. But I was caught off guard this week, when my Alma Mater spammed me, I called them on it and they apologized. Thats right!

They followed up on my complaint, looked into it and I got a note that said: "The message you received originated in the [fundraising] office and the responsibility for this mistake falls to me. Again, I am sorry for any inconvenience you may have been caused."

I was stunned.

"... a lesson to be learned."

There they go again after all these years showing me something new. If you fall to temptation and your customers call you on it, Don't weasel out or rationalize, just own up and apologize. You might save a customer.