On Wed, 3 Jan 2001, David Douthitt wrote:
> > I don't think a secondary system is a requirement...you can do lots of
> > very powerful things in shell script, and the code is usually pretty
> > small. If necessary, some C code could be written to do things that
> > were too cumbersome (or imposs
On 4 Jan 2001, at 2:36, Charles Steinkuehler wrote:
> > One of the things that would be (almost) required is a secondary
> > system though; which is similar to either what Donovan was
> > suggesting - run it on a workstation, and copy the files to the
> > target system -
>
> I don't think a secon
Charles Steinkuehler wrote:
> ...
> Pretty much all networking related configuration could be directly generated
> from an appropriate functional description of the black box, including
> interface setup, proxy-arp, static-NAT, QOS, and anything else that happens
> inside the box (I don't want
> (Steps in holding up a REALLY LARGE Stop Sign)
Where were you when a took that wrong turn in Alberqueque?!? :>
> Not picking on you Mike, but you're the first to step out into the open on
> this issue, and the first to do more than hint about the possibility.
>
> Are we looking at a rewrite of
On Wed, 3 Jan 2001, David Douthitt wrote:
> > I didn't mean a separate package. I meant rebuilding the whole
> > system around glibc-2.1.3. No libc, just glibc in root.lrp.
>
> root.lrp is loaded by the kernel; if it doesn't fit on a 1.68M disk
> it isn't going to happen. If glibc is 4M, it
Paul Batozech wrote:
>
> Well this is tough as all are quite good, but here goes.
>
> Web Site: Eric's
>
> Logo: For a graphic type I'd say Jack's
Sorry about this Jack, but I just saw Mike's 'cool-metal_leaf.png'and I
gotta change my vote!
And no, I'm note just trying to suck up:)
Paul
>
On Wed, 3 Jan 2001, Mike Noyes wrote:
> BTW, since I was in Gimp anyway I created another simple logo.
> ftp://leaf.sourceforge.net/pub/leaf/logo/mhnoyes/cool-metal_leaf.png
Once we get around to secondary logos, this one gets my vote for a banner
style. Nice work, Mike.
--
George Metz
Commerci
On Wed, 3 Jan 2001, Mike Noyes wrote:
> Everyone,
> I just uploaded two new logos based on the tuxnet image.
>
> tuxnet-leaflogo2.png - implements a suggestion from George
Change my vote to this one. Much nicer than my first attempt to Manipulate
Graphics. =)
I looked at Pedro's entry, and whi
On Wed, 3 Jan 2001, Mike Sensney wrote:
> Here is my attempt at restating the problem.
(Steps in holding up a REALLY LARGE Stop Sign)
Not picking on you Mike, but you're the first to step out into the open on
this issue, and the first to do more than hint about the possibility.
Are we looking
On Wed, Jan 03, 2001 at 05:53:52PM -0600, David Douthitt wrote:
> On 3 Jan 2001, at 23:38, Donovan Baarda wrote:
>
> > Ummm, maybe I am out on my own, but what is wrong with having a bulky
> > fw-builder app that runs on a full machine to generate a light-weight
> > fw that can be loaded onto the
the ftp link worked for me.
kinda cool, but a little too much metal for me.
--
Jack Coates
Monkeynoodle: It's what's for dinner!
On Wed, 3 Jan 2001, David Douthitt wrote:
> On 3 Jan 2001, at 23:11, Mike Noyes wrote:
>
> > BTW, since I was in Gimp anyway I created another simple logo.
> > ftp:
At 05:23 PM 1/3/01 -0600, David Douthitt <[EMAIL PROTECTED]>
wrote:
>On 3 Jan 2001, at 23:11, Mike Noyes wrote:
>
> > BTW, since I was in Gimp anyway I created another simple logo.
> > ftp://leaf.sourceforge.net/pub/leaf/logo/mhnoyes/cool-metal_leaf.png
>
>I still can't get there, but I did find
I didn't realize this till later, but perhaps we have something
useful already. at least *I* do :-)
I'm going to try this out and see just exactly what it does. I'm not
satisified entirely with the "watch the traffic and allow it"
approach to firewalling, but it may be a good quickstart,
On 3 Jan 2001, at 23:38, Donovan Baarda wrote:
> Ummm, maybe I am out on my own, but what is wrong with having a bulky
> fw-builder app that runs on a full machine to generate a light-weight
> fw that can be loaded onto the leaf machine?
What "full machine"? If I'm Mr. Home User with Windows 95
On Wed, Jan 03, 2001 at 09:31:01AM -0600, David Douthitt wrote:
> On 3 Jan 2001, at 2:32, Charles Steinkuehler wrote:
[...]
> What about things like Mason, which scan typical traffic and
> implement rules to match? Problem with Mason is it relies on Perl
> (not nice in an embedded context).
Um
On 3 Jan 2001, at 23:11, Mike Noyes wrote:
> BTW, since I was in Gimp anyway I created another simple logo.
> ftp://leaf.sourceforge.net/pub/leaf/logo/mhnoyes/cool-metal_leaf.png
I still can't get there, but I did find it at:
http://leaf.sourceforge.net/pub/logo/mhnoyes/cool-metal_leaf.png
...
At 11:14 PM 1/3/01 +0100, [EMAIL PROTECTED] (Eric Wolzak) wrote:
>Hello
>
> > Everyone,
> > I just uploaded two new logos based on the tuxnet image.
> >
> > tuxnet-leaflogo2.png - implements a suggestion from George
> >
> > tuxnet-leaflogo3.png - implements a suggestion from Charles
> >Charles
Sorry for butting in middle of the conversation; and please let me
know if I make an ASS.. out of myself! :)
Can we abstract these networking terms as follow: IS (Intermediate
System), ES (End System) (OSIism here). And for each IS or ES, it
provides one or more SERVICES. HTTP, FTP, Telnet
Hello
> Everyone,
> I just uploaded two new logos based on the tuxnet image.
>
> tuxnet-leaflogo2.png - implements a suggestion from George
>
> tuxnet-leaflogo3.png - implements a suggestion from Charles
>Charles, I'm sorry about the hat, but I'm still unable to remember
> how to 3-D rot
Everyone,
I just uploaded two new logos based on the tuxnet image.
tuxnet-leaflogo2.png - implements a suggestion from George
tuxnet-leaflogo3.png - implements a suggestion from Charles
Charles, I'm sorry about the hat, but I'm still unable to remember
how to 3-D rotate it.
ftp://leaf.sour
Sounds like CheckPoint's GUI, or even more like Cisco's Network
Configurator (not sure of the name, no one really uses it).
I have to admit I'm pretty ambivalent about changing focus. Firewall
configuration focusses on the router because it is a router. Call it a
packet filter or a firewall or a
Here is my attempt at restating the problem.
Charles mentions the various tools in current use, like Seawall and
the extended scripts and what is wrong with them. (Not easily
extended and/or modified beyond their original limited purpose.)
Where I see the problem is that current routing/firewa
On Wed, 3 Jan 2001, Charles Steinkuehler wrote:
> > > For instance, the following network:
> >
> > ...is a nightmarish FrankenNetwork. Hence EigerStein perhaps? I applaud
> > you for making it work well. =)
>
> Who said it worked well? :>
Works well enough that they're keeping it, neh? =)
> I
On 3 Jan 2001, at 16:33, David Douthitt wrote:
> I'm thinking about this some...
> Thinking on this, the Fence idea makes all the problems we've seen:
> you not only have to allow one way but also the other.
>
> The Network Idea simplifies things slightly, but creates the problem
> in that the
I doubt this will help the current discussion, but I think it's noteworthy.
There is a new FAQ by Daniel Swan for comp.os.linux.security at:
http://www.linuxsecurity.com/docs/colsfaq.html
--
Mike Noyes <[EMAIL PROTECTED]>
http://leaf.sourceforge.net/
___
I'm thinking about this some... and there are some problems with
thinking about firewalls that I see:
- the point of view from a firewall is conceptually that of a Fence:
there is THIS side and THAT side and we see and allow and reject
things going between.
- Alternate conceptual views: that
> > Various scripts like sea-wall, Matthew Grant's scripts, and many
> > 'click the box & build a script' type programs. These solutions
> > can be very easy to use, and configurable (to an extent), but they
> > quickly run into problems when dealing with arbitrary situations
> > that were not pl
Vote totals as of this morning (Jan 3):
Home page: EntryVotes
Eric Wolzak5
Logo: Entry Votes
leaf-green-logo-text.png 2
tuxnet-leaflogo1.png 2
leaf_logo2-1_S-F.gif 1
Pedro Barreto's home page entry is no
On 2 Jan 2001, at 21:58, David Douthitt wrote:
> I like Erik Wolzak's site the best, with no changes.
>
> As for logo's, I think I like Pedro's logo best (black and white) -
> wasn't that it on your site, Mike?
Just wanted to clarify - when I said "no changes" I meant it :-)
Pedro's Logo woul
On 3 Jan 2001, at 4:08, George Metz wrote:
> Can we do this by defining strings?
>
> For example; if the high level definition were placed into the
> config util as:
>
> "I want my firewall to forward web connections from the world to
> my webserver."
>
> Could that be interpreted as:
>
> "I w
On 3 Jan 2001, at 2:32, Charles Steinkuehler wrote:
> Current solutions:
> Various scripts like sea-wall, Matthew Grant's scripts, and many
> 'click the box & build a script' type programs. These solutions
> can be very easy to use, and configurable (to an extent), but they
> quickly run into p
At 06:58 AM 1/3/01 -0600, "Charles Steinkuehler" <[EMAIL PROTECTED]> wrote:
> > Charles I'm sorry, but would you please chose your favorite. We can
> > vote for an alternate later. Thanks.
>
> OK, make me actually decide...
>
>I guess I have to go with Mike Noyes' logo:
>ftp://leaf.sourceforge.ne
> > For instance, the following network:
>
> ...is a nightmarish FrankenNetwork. Hence EigerStein perhaps? I applaud
> you for making it work well. =)
Who said it worked well? :>
> > The complexity level of configuration grows dramatically as the scripts
are
> > 'generalized' to try and do more
> Charles I'm sorry, but would you please chose your favorite. We can vote
> for an alternate later. Thanks.
OK, make me actually decide...
I guess I have to go with Mike Noyes' logo:
ftp://leaf.sourceforge.net/pub/leaf/logo/mhnoyes/tuxnet-leaflogo1.png
which I think works better with Eric's
34 matches
Mail list logo
