Diary of a Network Geek

The secret word for today is “firewall”.
Not only is it an essential part of any connection to the Internet, it’s also what I installed today at work. Yes, that’s right, what I thought I was looking at in the config of the weird, little Covad router was NOT a firewall or even an active filter set. Unfortunately, I found that out the hard way when I rebooted the router last week and the filters activated, killing everyone’s Internet access. I’m not sure who was more surprised, the support tech or me, when they discovered the active filters. I know I was more shocked than the tech when he told me that they don’t support firewalls built into their routers. In short, we were flapping in the proverbial breeze. And, apparently, we had been since, well, since they’ve had an Internet connection. Doh!
Anyway, after a bit of scrambling and some gulping at spending real money for a real firewall, I got a D-Link DFL-1100. It’s a nice, little firewall appliance that has a built-in DMZ, for later use with a mail server, and IDS detection with e-mail notifications. It was pretty easy to configure, once I got the details on the funky Covad router. I really don’t like them. Hooked directly to the console port on the router, I still had refresh issues and timing strangeness that got really frustrating when I had everyone in a hurry to get their e-mail. Damn irritating. the DFL-1100, however, was pretty simple to install and configure. It even had predefined filters and exceptions that seemed to be working just fine. I’ll probably fine tune that over the next couple of weeks, but, for now, it works okay.

It’s really frightening to me, though, that they could have gone for so long without any protection at all. How could an Internet company sell service to someone and not check with them about having a firewall in place? How could anyone who knows anything about the Internet leave a connection open for literally years? I wonder how many spam problems will go away here, now that I’ve gotten a firewall in place?
Of course, I’m pretty dissapointed in myself for not understanding what I was seeing in that Covad router, too. I should have caught that sooner. Sure, I don’t mess with routers on a regular basis, but I’ve done it enough that I should have seen this. Well, at least it’s taken care of now. Lord, help me, what will I find next?

Okay, this is actually kind of sad.

I mean, do we really need a webpage that tells us what to do when our Internet connection goes down? Well, apparently we do, because a couple of crazy Canadians have put one up. So, the next time your local phone or cable company decides to help you discover a life beyond the Internet, you’ll have a resource. Of course, you’ll want to print this out and keep it handy, or at least save it to your hard drive, so that when the Internet goes out you’ll have it. (Think about it! If you can’t get to the Internet, you can’t see a webpage on someone else’s server!)