[plug] Setting up a new firewall

Onno Benschop onno at itmaze.com.au
Sat Jul 30 06:21:23 WST 2005 

[..story explaining network setup deleted..]

This is my point exactly.

On the one hand you advocate one thing, on the other you write that 
you're doing something else. From your perspective the separation is 
obvious, but from the reader's perspective it isn't.

The problem is that your initial response to a person asking about 
security includes discussion about not installing services on a 
firewall, but then you add at the end that you're running all manner of 
services.

Just to be clear here, I'm not questioning the quality of your answer, 
but the method.

If we as a community are helping other users of Linux solve problems, we 
need to be very cautious about how we explain things. This email and the 
ones that preceded it will be stored in the archive. A future surfer 
might find it and read: "Install IPCOP, DNS, DHCP and a VPN client." and 
think that all is sweet. (For that future reader, that is not sweet, 
unless you understand what is happening, read the message that precedes 
this one before you do!)

The point is that it's only part of the story and while it's inside your 
head, the reader doesn't get that part.

Now if you were to actually include a full description of your 
particular circumstance, where you have decided that it's fine to run 
those extra services on your firewall, then that's perfectly reasonable 
and helpful as a response, but only giving the partial story to a novice 
is not nearly as helpful.

And just to make sure, I'm not saying that what you wrote was rubbish, 
I'm saying that you missed a bit and that bit was vital for your answer 
to be complete.


Kindest regards,

-- 
Onno Benschop

Connected via Optus B3 at S34°45'36.5" - E139°00'08.7" (Mount Pleasant, SA)
--
()/)/)()        ..ASCII for Onno..
|>>?            ..EBCDIC for Onno..
--- -. -. ---   ..Morse for Onno..

Proudly supported by Skipper Trucks, Highway1, Concept AV, Sony Central, Dalcon
ITmaze   -   ABN: 56 178 057 063   -  ph: 04 1219 8888   -   onno at itmaze.com.au

More information about the plug mailing list