Wait, no, I'm _with_ him on this. I'm a little too paranoid to simply open my whole network, but too charitable to shut off all radio access with WEP or WPA (as my neighbors who don't know any better do). You currently can't talk to my personal machines from the radio side; I'm working on a fix so I can authenticate my machines and gain access to my personal network, but random folks from outside go through the TOS page and use the internet without that access. I know it's do-able. Meanwhile, my machines authenticate and I don't see a TOS page, but you'll have to connect through a browser and bonk a button before you can use my hotspot. I figure that's a reasonable compromise.<br>
<br>-- CHS<br><br><br><div class="gmail_quote">2008/11/5 Courtney Thomas <span dir="ltr"><<a href="mailto:courtneycthomas@bellsouth.net">courtneycthomas@bellsouth.net</a>></span><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div bgcolor="#ffffff">
<div><font size="2" face="Arial">Charles,</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">Thank you for your reply.</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">I have a couple of Schneier's books and as expected
have not devoted my life to this subject so am content to rely on him and his
ilk.</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">However, since you point out his position, why do
you bother...... knowing his view on all this :-) which
you, ostensibly, reject ?</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">Cordially,</font></div>
<div><font size="2" face="Arial"></font> </div><font color="#888888">
<div><font size="2" face="Arial">Courtney</font></div>
</font><blockquote style="border-left: 2px solid rgb(0, 0, 0); padding-right: 0px; padding-left: 5px; margin-left: 5px; margin-right: 0px;"><div class="Ih2E3d">
<div style="font-family: arial; font-style: normal; font-variant: normal; font-weight: normal; font-size: 10pt; line-height: normal; font-size-adjust: none; font-stretch: normal;">----- Original Message ----- </div>
<div style="background: rgb(228, 228, 228) none repeat scroll 0% 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial; font-family: arial; font-style: normal; font-variant: normal; font-weight: normal; font-size: 10pt; line-height: normal; font-size-adjust: none; font-stretch: normal;">
<b>From:</b>
<a title="hooterpincher@gmail.com" href="mailto:hooterpincher@gmail.com" target="_blank">Charles
Shapiro</a> </div>
<div style="font-family: arial; font-style: normal; font-variant: normal; font-weight: normal; font-size: 10pt; line-height: normal; font-size-adjust: none; font-stretch: normal;"><b>To:</b> <a title="ale@ale.org" href="mailto:ale@ale.org" target="_blank">ale@ale.org</a> </div>
</div><div class="Ih2E3d"><div style="font-family: arial; font-style: normal; font-variant: normal; font-weight: normal; font-size: 10pt; line-height: normal; font-size-adjust: none; font-stretch: normal;"><b>Sent:</b> Wednesday, November 05, 2008 9:53
AM</div>
<div style="font-family: arial; font-style: normal; font-variant: normal; font-weight: normal; font-size: 10pt; line-height: normal; font-size-adjust: none; font-stretch: normal;"><b>Subject:</b> Re: [ale] recommendations for
a..... standalone Linux securityfirewall...</div>
<div><br></div></div><div><div></div><div class="Wj3C7c">I'm a big phan of SentryCD ( <a href="http://www.sentryfirewall.com/" target="_blank">http://www.sentryfirewall.com/</a> ) ,
although I think it's moribund at the moment. It's CD-based but runs boot
scripts off a floppy drive so you can load custom packages or configure it for
your hardware. <br><br>I use a couple of same-brand NICs mounted in an
el-cheapo used Pentium 2 box which a buddy of mine fobbed off on me when I
took some other hardware I wanted more from him. I think it has 128MB of
memory, which is plenty for what I'm doing. You can probably buy an
equivalent one at some place like MicroSeconds ( <a href="http://www.microseconds.net/?page=AboutUs&set_location=GA" target="_blank">http://www.microseconds.net/?page=AboutUs&set_location=GA</a>
) for less than $100 if absolutely necessary. Tearing the HD out and running a
CD-based distro will lower your power requirements and keep things quieter --
definitely an asset in a house where you're paying for heat, cooling and
power. Plus I think it makes the system more durable. I run the actual
hardware 24/7 on a UPS and eventually the power-supply poops out. When that
happens I spend a couple of hours transferring the NICs and reconfiguring the
software and I'm back on the air. A box run in this fashion usually lasts 3-4
years for me.<br><br>My wireless network is set up with coova ( <a href="http://coova.org" target="_blank">http://coova.org</a>) on a WRT54GL connected behind my
firewall. I'm still workin' out some details on this, but it's functional and
(reasonably) secure I think. I'm running an open hotspot with a terms of
service page, but coova also has a variety of other authentication options
which might be useful depending on your circumstances. Much khouler than
Linksys's shipped software, yet easier to configure than raw OpenWRT can be.
And I'm with Bruce Schneier ( <a href="http://www.wired.com/politics/security/commentary/securitymatters/2008/01/securitymatters_0110" target="_blank">http://www.wired.com/politics/security/commentary/securitymatters/2008/01/securitymatters_0110</a>
) on offering a cup of internet to my neighbors.<br><br>--
CHS<br><br><br>
<div class="gmail_quote">On Wed, Nov 5, 2008 at 9:19 AM, Jim Lynch <span dir="ltr"><<a href="mailto:ale_nospam@fayettedigital.com" target="_blank">ale_nospam@fayettedigital.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>Geoffrey wrote:<br>> Courtney Thomas
wrote:<br>><br>>> Greetings !<br>>><br>>> I want to use
a standalone Linux box, possibly running from a CD and through<br>>>
which all must pass, at least from the internet, that will be a firewall
for<br>>> my home LAN. But if running from a CD gains nothing, forget
it. I have<br>>> several older idle boxes if they'd suffice. I can
also go wired or wireless,<br>>> and am receptive to any
setup.<br>>><br>>> What recommendation(s) do you have for such a
box, please ?<br>>><br>><br>>
Smoothwall<br>><br>><br></div>Just curious, do you have to have a
system with two NICs to run a<br>firewall? From a security standpoint, it
makes sense but is it a requirement?<br><br>Thanks,<br><font color="#888888">Jim.<br></font>
<div>
<div></div>
<div>_______________________________________________<br>Ale
mailing list<br><a href="mailto:Ale@ale.org" target="_blank">Ale@ale.org</a><br><a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br></div></div></blockquote>
</div><br>
</div></div><p>
</p><hr><div class="Ih2E3d">
<p></p></div></blockquote></div>
<br></blockquote></div><br>