Diary of a Network Geek

The trials and tribulations of a Certified Novell Engineer who's been stranded in Houston, Texas.

6/16/2005

Firewhat?

Filed under: Career Archive,Deep Thoughts,Geek Work,Life, the Universe, and Everything,News and Current Events,Review — Posted by the Network Geek during the Hour of the Rooster which is in the early evening or 6:36 pm for you boring, normal people.
The moon is Waning Gibbous

The secret word for today is “firewall”.
Not only is it an essential part of any connection to the Internet, it’s also what I installed today at work. Yes, that’s right, what I thought I was looking at in the config of the weird, little Covad router was NOT a firewall or even an active filter set. Unfortunately, I found that out the hard way when I rebooted the router last week and the filters activated, killing everyone’s Internet access. I’m not sure who was more surprised, the support tech or me, when they discovered the active filters. I know I was more shocked than the tech when he told me that they don’t support firewalls built into their routers. In short, we were flapping in the proverbial breeze. And, apparently, we had been since, well, since they’ve had an Internet connection. Doh!
Anyway, after a bit of scrambling and some gulping at spending real money for a real firewall, I got a D-Link DFL-1100. It’s a nice, little firewall appliance that has a built-in DMZ, for later use with a mail server, and IDS detection with e-mail notifications. It was pretty easy to configure, once I got the details on the funky Covad router. I really don’t like them. Hooked directly to the console port on the router, I still had refresh issues and timing strangeness that got really frustrating when I had everyone in a hurry to get their e-mail. Damn irritating. The DFL-1100, however, was pretty simple to install and configure. It even had predefined filters and exceptions that seemed to be working just fine. I’ll probably fine-tune that over the next couple of weeks, but, for now, it works okay.

It’s really frightening to me, though, that they could have gone for so long without any protection at all. How could an Internet company sell service to someone and not check with them about having a firewall in place? How could anyone who knows anything about the Internet leave a connection open for literally years? I wonder how many spam problems will go away here, now that I’ve gotten a firewall in place?
Of course, I’m pretty disappointed in myself for not understanding what I was seeing in that Covad router, too. I should have caught that sooner. Sure, I don’t mess with routers on a regular basis, but I’ve done it enough that I should have seen this. Well, at least it’s taken care of now. Lord, help me, what will I find next?

