Re: R: [Cooker-firewall] cooker-firewall
So sprach Don Head am Fri, May 11, 2001 at 01:31:18PM -0500: > service, not the updates themselves. They can't charge > for the software, it's (mostly) all GPL'd, remember? =) Uhm, sure they can. GPL doesn't prohibit you to sell GPL'd software. All it says, is that you also need to make the source code available. And it further says, that your customer (who paid money for the stuff), is allowed to reditrubte the software for whatever charges he desires - if it's 0, then that's fine. Isn't that what the GPL says? Alexander Skwar -- How to quote: http://learn.to/quote (german) http://quote.6x.to (english) Homepage: http://www.digitalprojects.com | http://www.iso-top.de iso-top.de - Die günstige Art an Linux Distributionen zu kommen Uptime: 2 days 20 hours 38 minutes
Re: R: [Cooker-firewall] cooker-firewall
I think that charging a one time fee to register the product makes more sense than a monthly fee. The reason I say this has to do with the intended audience. If you are targeting the home audience with a cable connection they have the choice of buying a cable router/firewall for aprox $100 US. If you are targeting a the corporate audience they have the option of buying something like a pix firewall for about $1500 US but it supports up to 8MBS and has a bunch of features. Smaller offices can also go for he cable/dsl router/firewall like the home user. In both of these instances neither one charges a monthly fee. Now for the registration fee I think something comptetitive with the cable/dsl router/firewalls would be better. The reason is that you are more likely to get your home Linux hobbiest involved before the corporations give up on their pix firewalls. This will also entice smaller companies to buy into Mandrake Firewall rather than spending a lot of money on the big firewalls. I had been asked by my boss to test Mandrake firewall because he thought it was going to be free. (I know, you can't get something for nothing) anyway, we are looking at it to install in our client's offices. We are an ISP for bussinesses. We plan on using it both as a firewall and router as well as being able to use snort to monitor for attempted break in's. If we can't pass the cost on to our clients then it won't be a viable solution. As part of the registration you can include 6 months or 1 year of downloadable updates. After that you can charge for additional years or months. The registration should be tied to some sort of certificate that resides on the machine. The reason I bring this up is that I originally thought it could be tied to the IP address. Then I remember I have a dynamic address at home so that wouldn't work. Just something to keep in mind. Anyway, These are my thoughts. Thank you for allowing me to present them.. Steve On Friday 11 May 2001 10:13, you wrote: > On Fri, 11 May 2001, Miguel Beccari wrote: > :~>> Hello Everyone: > :~>> > :~>> What is the latest version of this distro? > :~>> > :~>> I seem to have a hard time finding information about this distro. Any > :~>> suggestions for web site, etc? > :~>> > :~> > :~>I cant find infos about cooke-firewall. > :~> > :~>I planned to setup up 3 servers and I'd like to use this distro. > :~>So my question is: > :~> > :~>when the stable release comes out? > :~> > :~>one month? two? > :~> > > Miguel (and others), > > Distro will be out very soon (less than one month), and I'm curious to > hear answer to one question from you and other raders of this list: money. > > That is, what would you (or your customers) like to get from us (related > to MandrakeSecurity), and how much are you willing to pay for it? > > I'm asking this question because of one really unpleasant detail: if > everyone simply downloads the distribution, and we don't earn on it, I bet > the distribution will eventually end up in trash can, and you will end up > with unsupported (== no more security updates! == useless) distribution on > your firewall. ;-) > > So: how much is your security worth to you, and what do you expect to have > from Mandrakesoft in return? In my opinion, best thing to do would be some > kind of long-term commitment from both sides, like: > > Customer: monthly fee of X$/server during next Y months (years). > Mandrakesoft: commitment to do (whatever) during the same period. > > WDYT? > Denis
RE: R: [Cooker-firewall] cooker-firewall
It's really quite simple... Free version... gets updates like everyone else... NO support. Updates acquired just like in Mandrake 8, via update util. Version for about $100 that gets install support for say 30 days via email? Version for say $250 - 500 (pricing of NetMax for example) that gets install support via email and perhaps 3 tech support incidents during the first year of use? Maybe even a priority ftp access to get updates? There should always be a free version though... it is a linux distro even if it is a custom one. I have many clients that would try it and love it at the free price but would not venture to pay for it if they were required. By the time you have a new version out they could be convinced to pay for the software to help support your efforts. Jason Williams > > Not sure exactly but this may be one of those things to > > charge a subscription > > for. If you want the download version go right ahead but if > > you want the > > security updates you still need to buy into the subcription service. > > Simiar to what Red Hat is doing, although your wording > implies that updates are *ONLY* available to those who > pay, which I don't like. > > > This is were mandrake comes in. They are basicly charging for > > access to thier > > servers and timely updates to any security issues. If the > > download users > > don't choose ot pay for this service then maybe the updates > > can be put in a > > public download area after say 2 or 3 weeks. Or maybe don't > > make the updates > > available at all to non subscribers. The real user's out ther > > could always > > get the source and compile there own. > > Egads, this sounds horrible. Especially for security > updates, but also for bug fixes and such. > > Imagine a really bad exploit is found in something. An > updated package is released the next day to subscribers, > they all apply it and are fine. The following day (and > for the next 2-3 weeks while non-subscribers wait for an > update), it spreads like wildfire across the Internet, > making use of all the non-updated (non-subscribing) > MandrakeFirewall systems. This just gave > MandrakeFirewall a *HORRIBLE* reputation as being > insecure, because they chose not to provide updates for > people that didn't pay them money. Sounds like a good > way to kill a productline/reputation/company, if you > ask me. > > > I have to admit I like the 2 or 3 week plan the best. Maybe > > even a month. > > That way business and security consious useres get imediate > > access to the > > updates and the casual users still are able to get the same > > upadates later > > on. Seeing as casual useres are not as prone to attack this > > might be a good > > comprimise. And just think about this red hat charges > > everyone for thier > > updates. > > Well, this isn't quite accurate. I haven't paid a dime > to Red Hat since I bought RH52 a couple years ago, and I > am able to mirror their 7.1 update tree without > difficulty. They're charging for an automated update > service, not the updates themselves. They can't charge > for the software, it's (mostly) all GPL'd, remember? =) > > > One last option might also be to have an update cd released > > every 3 or 4 > > months maybe sooner for big security issues. Kind of like > > mandrake freq. Make > > the cd imediatly available to those that subscribe to the > > service but the > > rest of the publick has to wait maybe for a quarterly release. > > This almost sounds good. I'd like to see those that > subscribe get a CD delivered snail-mail to them on a > regular basis, and those who don't have to either grab > the ISO or not have access to a new CD it at all, leaving > them in the normal position of having to apply individual > updates by hand. > > > Don Head > SAIR LCA, CIW-P, Network+, A+ > > Systems Administrator [ [EMAIL PROTECTED] ] > Web Designer[ 1 314 997-7847 ] > [ AIM - Don Wave ] [ ICQ - 18804935 ] [ Yahoo - Don_Wave ] > >
Re: R: [Cooker-firewall] cooker-firewall
On Friday 11 May 2001 00:46, you wrote: > On Friday 11 May 2001 08:13, you wrote: > > Distro will be out very soon (less than one month), and I'm curious to > > hear answer to one question from you and other raders of this list: > > money. > > > > That is, what would you (or your customers) like to get from us (related > > to MandrakeSecurity), and how much are you willing to pay for it? > > That could be a tough one (I'm a cheap bastard with a private/just me net). > I'm not sure what's planed but I think you need business/corporate > customers who subscribe to auto update, i.e. the Astaro firewall can be > setup for auto check/update (time based) progies, virus defs etc. Something > like this is definitely a value added service and something worth paying > for when what's behind the firewall is important (the rest of us can > manually > check/download/update). Perhaps a built in support line/page, only active > when someone has a subscription.To reach that customer base you will also > need features like VPN, email virus scanner, etc. Not to mention: DMZ, functional setup with multiple ethernet cards (the same model and different manufactures). Compare the competition, look what a GNAT-BOX offers for $995. Maybe not the best example, but. I'm not even close to having a functional firewall with the configuration I have. (5x86 clone, 3 eth's, 2.5 gb, 63M, etc.) Installation works except for the network configuration. But where can I find some documentation? Not disappointed, guess I was expecting more from Mandrake. As for pricing: IMHO from what I seen, using the macmillian model; I would be willing to pay somewhere in the range of the mid-level package. Thanks for reading, .dn
Re: R: [Cooker-firewall] cooker-firewall
On Friday 11 May 2001 10:13, you wrote: > Distro will be out very soon (less than one month), and I'm curious to > hear answer to one question from you and other raders of this list: money. > > That is, what would you (or your customers) like to get from us (related > to MandrakeSecurity), and how much are you willing to pay for it? Okay, if you charge for MandrakeSecurity, does that then mean that if I'm going to set up an Internet connection sharing / NAT box / firewall for a client w/ a headless PC, I'll have to charge them for not only the hardware and labor, but for the software as well? Will this be sold as a single-user license, or what? Why not do like y'all have been doing w/ Mandrake, like distributing both a downloadable and retail version and offering online updates for both, but differentiate between the two by offering phone or e-mail tech support plans for the retail version while leaving those who downloaded the free version to fend for themselves on newsgroups and mailing lists, such as this fine one. I'll admit, I subscribe to quite a few mailing lists for various OS platforms, but I hardly actively participate in any of the discussons like I do here. This is a great product, backed by a great mailing list. Keep up the good work, guys. -- Art Mason Technology Coordinator La Pryor Independent School District (830) 365-4016
RE: R: [Cooker-firewall] cooker-firewall
> Not sure exactly but this may be one of those things to > charge a subscription > for. If you want the download version go right ahead but if > you want the > security updates you still need to buy into the subcription service. Simiar to what Red Hat is doing, although your wording implies that updates are *ONLY* available to those who pay, which I don't like. > This is were mandrake comes in. They are basicly charging for > access to thier > servers and timely updates to any security issues. If the > download users > don't choose ot pay for this service then maybe the updates > can be put in a > public download area after say 2 or 3 weeks. Or maybe don't > make the updates > available at all to non subscribers. The real user's out ther > could always > get the source and compile there own. Egads, this sounds horrible. Especially for security updates, but also for bug fixes and such. Imagine a really bad exploit is found in something. An updated package is released the next day to subscribers, they all apply it and are fine. The following day (and for the next 2-3 weeks while non-subscribers wait for an update), it spreads like wildfire across the Internet, making use of all the non-updated (non-subscribing) MandrakeFirewall systems. This just gave MandrakeFirewall a *HORRIBLE* reputation as being insecure, because they chose not to provide updates for people that didn't pay them money. Sounds like a good way to kill a productline/reputation/company, if you ask me. > I have to admit I like the 2 or 3 week plan the best. Maybe > even a month. > That way business and security consious useres get imediate > access to the > updates and the casual users still are able to get the same > upadates later > on. Seeing as casual useres are not as prone to attack this > might be a good > comprimise. And just think about this red hat charges > everyone for thier > updates. Well, this isn't quite accurate. I haven't paid a dime to Red Hat since I bought RH52 a couple years ago, and I am able to mirror their 7.1 update tree without difficulty. They're charging for an automated update service, not the updates themselves. They can't charge for the software, it's (mostly) all GPL'd, remember? =) > One last option might also be to have an update cd released > every 3 or 4 > months maybe sooner for big security issues. Kind of like > mandrake freq. Make > the cd imediatly available to those that subscribe to the > service but the > rest of the publick has to wait maybe for a quarterly release. This almost sounds good. I'd like to see those that subscribe get a CD delivered snail-mail to them on a regular basis, and those who don't have to either grab the ISO or not have access to a new CD it at all, leaving them in the normal position of having to apply individual updates by hand. Don Head SAIR LCA, CIW-P, Network+, A+ Systems Administrator [ [EMAIL PROTECTED] ] Web Designer[ 1 314 997-7847 ] [ AIM - Don Wave ] [ ICQ - 18804935 ] [ Yahoo - Don_Wave ]
Re: R: [Cooker-firewall] cooker-firewall
On Friday 11 May 2001 08:13, you wrote: > Distro will be out very soon (less than one month), and I'm curious to > hear answer to one question from you and other raders of this list: money. > > That is, what would you (or your customers) like to get from us (related > to MandrakeSecurity), and how much are you willing to pay for it? That could be a tough one (I'm a cheap bastard with a private/just me net). I'm not sure what's planed but I think you need business/corporate customers who subscribe to auto update, i.e. the Astaro firewall can be setup for auto check/update (time based) progies, virus defs etc. Something like this is definitely a value added service and something worth paying for when what's behind the firewall is important (the rest of us can manually check/download/update). Perhaps a built in support line/page, only active when someone has a subscription.To reach that customer base you will also need features like VPN, email virus scanner, etc.
Re: R: [Cooker-firewall] cooker-firewall
Hello, You have written a very thought provoking and relevant letter and I appreciate your candor. I for one would be willing to pay for your firewall product. The only money I've spent on anything related to Linux so far has been the occasional purchase of a GPL CD from someplace like lsl.com and I've been using Linux since 1994. With the production of LM Firewall, I believe that you have found a niche product that may, if handled correctly, provide you with a steady income from version purchases and security upgrades. Possibly by the per server service contract you indicated. I've tried other firewalls and they work alright if all you want is a packet switch and NAT router. I very much appreciate the extensibility of your product. For example, I've put SAMBA on the firewall and replaced my other full distro (LM 7.2) server for my home LAN. Support of ReiserFS is greatly appreciated as I have been running it since 7.2 came out. I don't want more than one machine laying around plugged into the wall doing nothing more than creating heat so a floppy firewall product is not for me. I also added Portsentry and am quite happy. Remote manageability and monitoring could be extended to include the full functionality of webmin and netsaint but I could just as easily set those up myself. There appears to be little if any indication of the existence of LM Firewall judging by your website, so if you want people to pay for a product/service, you need to let people know that it exists even if it's nothing more than link from your homepage.to a product feature page. One more small item before I finish; Maybe it's just me, but I couldn't find a way using your web manager to allow all (or filter) traffic on the internal network. It will allow filtering of IN -> OUT and OUT -> IN but not just on the Internal interface. I had to manually (via ssh) Insert an ipchains rule in the INPUT chain similar to the following ( ipchains -I input -b -i eth0 -j ACCEPT ). I know it probably looks dumb but I'm not a programmer so I hack at rules. That took care of opening the firewall for my LAN to pass SAMBA traffic, for instance. Anyway, great and useful product. Keep up the good work and everyone will benefit. Sincerely, Trent M. Gunnarson [EMAIL PROTECTED] > Miguel (and others), > > Distro will be out very soon (less than one month), and I'm curious to > hear answer to one question from you and other raders of this list: money. > > That is, what would you (or your customers) like to get from us (related > to MandrakeSecurity), and how much are you willing to pay for it? > > I'm asking this question because of one really unpleasant detail: if > everyone simply downloads the distribution, and we don't earn on it, I bet > the distribution will eventually end up in trash can, and you will end up > with unsupported (== no more security updates! == useless) distribution on > your firewall. ;-) > > So: how much is your security worth to you, and what do you expect to have > from Mandrakesoft in return? In my opinion, best thing to do would be some > kind of long-term commitment from both sides, like: > > Customer: monthly fee of X$/server during next Y months (years). > Mandrakesoft: commitment to do (whatever) during the same period. > > WDYT? > Denis > -- > - > Dr. Denis Havlik http://MandrakeForum.com > Mandrakesoft ||| e-mail: [EMAIL PROTECTED] > Community (@ @)(private: [EMAIL PROTECTED]) > --oOO--(_)--OOo- > The mailserver is on strike. It wants better working conditions, > paid days off and a female connector. ([EMAIL PROTECTED]) > > >
Re: R: [Cooker-firewall] cooker-firewall
On Friday 11 May 2001 08:13 am, you wrote: > On Fri, 11 May 2001, Miguel Beccari wrote: > :~>> Hello Everyone: > :~>> > :~>> What is the latest version of this distro? > :~>> > :~>> I seem to have a hard time finding information about this distro. Any > :~>> suggestions for web site, etc? > :~>> > :~> > :~>I cant find infos about cooke-firewall. > :~> > :~>I planned to setup up 3 servers and I'd like to use this distro. > :~>So my question is: > :~> > :~>when the stable release comes out? > :~> > :~>one month? two? > :~> > > Miguel (and others), > > Distro will be out very soon (less than one month), and I'm curious to > hear answer to one question from you and other raders of this list: money. > > That is, what would you (or your customers) like to get from us (related > to MandrakeSecurity), and how much are you willing to pay for it? > > I'm asking this question because of one really unpleasant detail: if > everyone simply downloads the distribution, and we don't earn on it, I bet > the distribution will eventually end up in trash can, and you will end up > with unsupported (== no more security updates! == useless) distribution on > your firewall. ;-) > > So: how much is your security worth to you, and what do you expect to have > from Mandrakesoft in return? In my opinion, best thing to do would be some > kind of long-term commitment from both sides, like: Not sure exactly but this may be one of those things to charge a subscription for. If you want the download version go right ahead but if you want the security updates you still need to buy into the subcription service. This is were mandrake comes in. They are basicly charging for access to thier servers and timely updates to any security issues. If the download users don't choose ot pay for this service then maybe the updates can be put in a public download area after say 2 or 3 weeks. Or maybe don't make the updates available at all to non subscribers. The real user's out ther could always get the source and compile there own. I have to admit I like the 2 or 3 week plan the best. Maybe even a month. That way business and security consious useres get imediate access to the updates and the casual users still are able to get the same upadates later on. Seeing as casual useres are not as prone to attack this might be a good comprimise. And just think about this red hat charges everyone for thier updates. One last option might also be to have an update cd released every 3 or 4 months maybe sooner for big security issues. Kind of like mandrake freq. Make the cd imediatly available to those that subscribe to the service but the rest of the publick has to wait maybe for a quarterly release. > > Customer: monthly fee of X$/server during next Y months (years). > Mandrakesoft: commitment to do (whatever) during the same period. > > WDYT? > Denis -- - Brook Humphrey Mobile PC Medic 509-235-9107 http://www.webmedic.net [EMAIL PROTECTED] - My posting or sending this is NOT an invitation for spammers to say that I've asked to be put on a mailing list. -
Re: R: [Cooker-firewall] cooker-firewall
On Fri, 11 May 2001, Miguel Beccari wrote: :~>> Hello Everyone: :~>> :~>> What is the latest version of this distro? :~>> :~>> I seem to have a hard time finding information about this distro. Any :~>> suggestions for web site, etc? :~>> :~> :~>I cant find infos about cooke-firewall. :~> :~>I planned to setup up 3 servers and I'd like to use this distro. :~>So my question is: :~> :~>when the stable release comes out? :~> :~>one month? two? :~> Miguel (and others), Distro will be out very soon (less than one month), and I'm curious to hear answer to one question from you and other raders of this list: money. That is, what would you (or your customers) like to get from us (related to MandrakeSecurity), and how much are you willing to pay for it? I'm asking this question because of one really unpleasant detail: if everyone simply downloads the distribution, and we don't earn on it, I bet the distribution will eventually end up in trash can, and you will end up with unsupported (== no more security updates! == useless) distribution on your firewall. ;-) So: how much is your security worth to you, and what do you expect to have from Mandrakesoft in return? In my opinion, best thing to do would be some kind of long-term commitment from both sides, like: Customer: monthly fee of X$/server during next Y months (years). Mandrakesoft: commitment to do (whatever) during the same period. WDYT? Denis -- - Dr. Denis Havlik http://MandrakeForum.com Mandrakesoft ||| e-mail: [EMAIL PROTECTED] Community (@ @)(private: [EMAIL PROTECTED]) --oOO--(_)--OOo- The mailserver is on strike. It wants better working conditions, paid days off and a female connector. ([EMAIL PROTECTED])
R: [Cooker-firewall] cooker-firewall
- Original Message - From: Donavan Nelson <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, May 10, 2001 7:42 PM Subject: [Cooker-firewall] cooker-firewall > Hello Everyone: > > What is the latest version of this distro? > > I seem to have a hard time finding information about this distro. Any > suggestions for web site, etc? > I cant find infos about cooke-firewall. I planned to setup up 3 servers and I'd like to use this distro. So my question is: when the stable release comes out? one month? two? Best Regards to all and thanks for the best work (I am beening a happy user of Mandrake since mdk5 Venice) Miguel Beccari