Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] *Small* NAT/DMZ/LAN h/w suggestions?



Edward Wright writes:

 > Ipcop and smoothwall may be great programs, but I have an inate
 > distrust of GUI and/or web based config tools.

Well, I'm not a big fan of the GUI config tools I've seen as actually
implemented, for reasons similar to those you have in mind.

But there are real possibilities there.  For example, suppose that log
analysis of TCP traffic were given as a one-pixel per port histogram,
with "alarm color" coding for servers you actually are running, known
risky ports (eg, everybody's least favorite well-known port, #22),
etc.  Then on a bog-standard 1024x768 display, you could see the whole
"system port" range in one screen, and the colors would tell you where
the hot spots are.

Or how about if on the network topology that you told it was
superimposed the traffic patterns, including hosts you didn't know
could be reached by that path?  How about if you could configure the
firewall by clicking on arrows going into or out of the firewall box?
Or static addresses on the DHCP server based on a network map
discovered with nmap?

The possibilities are endless ... but rarely exploited. :-(

Anyway, it's worth trying them.  Who knows, you might be pleasantly
surprised!


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links