Documentation for Laptop Firewall

George Toft plug-discuss@lists.PLUG.phoenix.az.us
Thu, 05 Jul 2001 13:59:22 -0700 

Hi Wayne,

Wayne Conrad wrote:
> 
> On Thu, 05 July 2001, George Toft wrote:
> > For those who are interested, here is how I turned my laptop into
> > a really good firewall:
> > http://georgetoft.com/linux/firewall/index.html
> 
> Where do you get RAM for your old 386's and 486's?  The ones I keep finding having too little RAM (usually 4MB) to do anything useful.

I bought some 34 pin SIMMS for the low low price of $64 for 16 meg
a couple years ago, and mooched the rest.  My SPARC box is doing
everything I need for now, so I'll have some 486's to donate in 
a couple months.

I suspect you are looking at my SOHO LAN page.  That was my setup in
Hawaii.  My setup is much simpler now.

I love underpowered hardware - it still works, the price is right,
and nobody believes it can be done.  Now all I have to do is get
sendmail working on the old SPARC.  Trying to find modern packages 
for 32 bit Solaris is hard - everything is 64 bit.


> > Here's an e-mail I received regarding this firewall.  He's an
> > independent security specialist.  Can anyone verify he's as good
> > as I think he is (my evaluation is based on other e-mails)?
> 
> Does his report tell what he did?  Without knowing that, there's no way to "audit the audit" and tell what the report means.  It's like... it's like me telling you your car is OK without you knowing what I checked.  Did I just listen to the sound of the engine?  Did I check the fluids?  Did I check ALL of the fluids?  Did I do a compression check?  Did I plug into the car's computer and download the engine's performance history?
> 
> To me, a security audit doesn't mean much if the report is only PASS/FAIL.  It would probably make me feel better, coming as it does from a well-regarded source, but I strongly suspect that it *shouldn't* make me feel better.

Due to a fault in my scripts and configuration of the firewall, lost the
logs showing what he did, so I can't audit from my end what he did. 
What
I observed (and must now recall from memory) was impressive.  In another
e-mail from him, he told me he got no responses back from my firewall,
which is what the firewall script is designed to do.

When we first started communicating, he scanned georgetoft.com,
which is a web hosting company.  His report showed several problems.
He classified them (a couple of these I had notified the hosting
company about, but they are ignoring me) into high- medium- and
low-risk.
He makes his money by disclosing the vulnerabilities and working with
the client to resolve them.

George