Re: linux-kernel-digest V1 #224

From: Amy Rupp (amyr@jump.net)
Date: Wed Feb 16 2000 - 10:24:16 EST


> On Wed, Feb 16, 2000 at 07:33:46AM -0600, Jesse Pollard wrote:
> > .... If your site is already behind an acceptable firewall
> > by your ISP you can plug the DSL into a hub instead.
>
> Err... If there is only one FW in between the world, and all
> customers, then I would not, for any price, accept ISP provided
> firewall as an indication of *security* -- any of the other
> customers may whack my machine(s)..
> (Me paranoid ? Who wants to know?)
>
> Such FW is out there only to enforce ISP's policies, like
> "no HTTP servers at customer machines", or some such..
>
> If they are for customer network security, they will be listed
> separately in the service price listings. (With a hefty price,
> but then you probably have "lots of" addresses ( >> 1 ), too..)
>
> /Matti Aarnio <matti.aarnio@sonera.fi>

Exactly. I was having this conversation with my brother,
a sysadmin at a fairly large local ISP. He said, "We
just throw the bits at you from the Internet. What you
do with them is up to you." He conceded to my assertion
that the ISP's employees could do custom consulting to
configure customer firewalls, log suspicious inbound
traffic, et cetera, but doing so for EVERY customer would
be a tremendous amount of staff overhead and would cost
a fortune. And many customers would object to having
their traffic monitored and allowing non-employees
privileged access to their routers and systems.

Everyone wants to reserve the right to shoot themselves
in the foot and then blame the powers that be that the
gun shouldn't have gone off in the first place :-)

BTW, I am new to this forum and to Linux, but have
ten years of system (kernel, firmware, board level)
experience in primarily SVR4 UNIX. I'd love to
make a contribution to the community; pointers
to areas of the kernel where there aren't already
twenty of you fabulous gurus already doing a stellar
job would be wonderful! I am most proficient on
the Motorola and MIPS CPUs as opposed to Intel, so
I wouldn't be of help in platform-specifics for that
apparently very much discussed architecture.

Thanks!
Amy Rupp




This archive was generated by hypermail 2b29 : Wed Feb 23 2000 - 21:00:15 EST