Email and networking issues

Tea

Storage? I am Storage!
Joined
Jan 15, 2002
Messages
3,749
Location
27a No Fixed Address, Oz.
Website
www.redhill.net.au
Forgive me for the length and complexity of this. I'm hoping that you guys will be able to make some sensible suggestions to make email a usable practical thing for me, as opposed to my current chaotic non-system, which is all but useless. First, the background (I've hacked the addresses in here, in a fairly obvious way - any human being reading this (as opposed to a spam bot) can soon find out the real addresses if they want them :)) :

I have the following accounts:

dial-up personal account with NC (my local ISP)
twilson@nc.com.au
This is my primary mailbox

dial-up shop account with NC (the free reseller's account we have with our ISP)
rht@nc.com.au
I rarely get mail here, but need to check it once every week or so for stuff related to the ISP connections we re-sell

dial-up account with Primus
user@iprimus.com.au
Never use this mailbox, except for Primus notices.
Will be cancelling it when my cable connection comes on-line next week

Business cable connection with Neighbourhood Cable (next week)
will have an email address associated with it which I don't intend to use at this stage
will become my primary web connection from the office
will have a static IP address (yet to be assigned)

Home cable connection with Neighbourhood Cable (next week)
will have an email address associated with it which I don't intend to use at this stage
will become my primary web connection from home
will *not* have a static IP (though I could add one if required)

Web page hosted by NC
anythingyoulike@redhil.net.au
Any mail sent to redhil.net.au (e.g, tony@redhil.net.au, heyyou@redhil.net.au, sales@redhil.net.au, help@redhil.net.au, whatever) gets piped straight to my primary personal mail box above (twilson@nc.com.au)

-----------------------

That's where the mail goes to. Now, here is what I do with it at present - the unworkable "non-system":

The primary mail-reading machine is at the office, runs ECS, and I use PMMail to collect mail in the ordinary way from the primary mail box (which gets twilson@nc.com.au and anything @redhil.net.au), and also (using PMMail's multiple account feature) from the odd-bod mail boxes (like Primus or the shop account) every now and then. So far, so good.

From home, I use PMMail for Windows to read any mail that happens to have arrived since I last checked it at the office, and leave the messages on the server so that any business mail that arrives overnight is still there waiting to be collected when I get back to the office. Sometimes I use a different machine in a different location (my girlfriend's place, for example) in the same way.

Next, the problems:

1: I get *masses* of SPAM. So much so that all too often I miss messages from my mother, because I just don't see them in amongst all that spam. From time to time I have toyed with spam eradicators, PMMail filters, and so on, but it is just too complicated with *two* different machines to set all that up with, for what is in any case an uncertain result.

2: The business machine gets clogged up with all sorts of non-business stuff (which is not too bad, but I mention it for completeness).

3: Often I want to reply to a personal or semi-personal message at home (which is the only place I get time to do it), but don't have it there, because it arrived during business
hours and the only copy of it is on the work machine. Sometimes I remember to email it to myself before I leave the office (using one of the odd-bod addresses, such as the Primus one so that it won't get "cleaned out" by the main mail machine) and then have to mess about collecting it, then copying and pasting it into the inbox of the account I am logged on with at the time. (This is because if you just hit "reply" to a message, PMMail will, perfectly sensibly, try to send the reply using the account that the mail has arrived in, but I'm often not logged on to that particular server at the time. You can get around this by playing with the account settings in PMMail: for example, I have my redhil@redhil.net.au account set to always get mail from mail.nc.com.au (who host the redhil site) using username twilson and the appropriate password for my primary mailbox, but to *send* using smtp.iprimus.com.au using *that* username and password. This works OK 3/4s of the time but many mail servers and clients look at the mixture of addresses in the header and refuse to accept the message, thinking that it is spam. The os2.org.au mail list processor is an example. I'll had to make a special "send only" account in PMMail for OS/2 to send this very message to the user group or else it would have bounced. (I seem to recall having similar diffculties with Mercutio's and Coug's mail servers some time ago.)

4: I'm going onto cable this week, both at home and at the office. At this stage I don't expect any particular problems with that so far as basic connectivity goes, I can just plug the cable modem into my network hub and go from there (I think) but the office network in particular will become vulnerable to the usual hacking attacks, as it will have a static IP. So I need a firewall. With me so far?

--------------------------

Solutions?

Here is what I propose to do. Please, anyone with experience in this area, tell me if this makes sense, and sing out if you have suggestions.

1: Set up a firewall for the office, probably on a seperate, dedicated machine. (There is no shortage of hardware here.) This could be a Linux box, which would be cheap and give me access to lots of helpful support, but require me to do a fair bit of learning - I have very little Linux experience. (Mind you, perhaps having to learn some Linix administration skills would be a good thing for me!) I could use some form of Windows, but why? Most likely I'll use an OS/2 or ECS box. Probably Warp 4 as I already have a spare licence or two for that. But one of the guys on the OS/2 mailing list I subscribe to suggested that I might look at Smoothwall. (No, believe it or not, they are not all zealots. Most members run the same sort of motley collection of OS software that I do.) Smoothwall, if you haven't met it, is a dedicated firewall package that runs on a severly cut-down version of Red Hat Linux. It's free and requires a dedicated machine of the Pentium 300 variety with two NICs. You can't run anything else on the Smoothwall machine.)

If I *do* use an OS/2 box for this, which firewall software should I use? There is a firewall bundled free with ECS. I already own InJoy Firewall with a 12-user licence (though I have not yet used it). InJoy sounds like the obvious choice, but does anyone have any experience with it? Points for? Points against? (OK, OK, you guys won't have the answer to this, but seeing as this is largely a repost of my question to the OS/2 user group, I'll leave it in anyway.)

2: Set up my own mail server. Now this is something I know almost *nothing* about. What package? How to set it up? I guess the ideal system would be to have the firewall box be the mail server. As it will have a static IP, I'll be able to access it from the LAN, from home, from anywhere. Is it possible to set it up in such a way that I can filter the incoming mail into various folders on the mail server/firewall, and then access just the appropriate ones - personal mail to tony@redhill.net.au from home, supplier pricelists to prices@redhill.net.au from one of the office machines, and so on? Ideally, I'd be able to leave all mail on the mail server/firewall for a certain period (a week, say) so that I could (e.g) read the os2.org.au digest at the office if I get a spare minute and feel like a break from 'real' work, but then read it again at home and maybe draft a reply later on.

3: Look at junk mail filtering. JunkSpy seems to get excellent reviews. Does anyone use it? Will it conflict with anything else I have planned? (After I wrote this the first time, I installed Junk Spy and, as you will have read, I am really happy with the result. It has made a massive difference.)

Thanks guys!
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,297
Location
I am omnipresent
You need an IMAP server. I don't know if ECS has one, but the WU-IMAPd that ships with most Linux distributions works really well.

I get paid reasonably well to set these things up.

Basically, you can use a program like fetchmail to grab everything you want from your various POP accounts. You can aggregate everything to a single mail account or you can spread things out to several, if you prefer.
Once it's on the IMAP server, accessing it in the office works about like you'd expect - everything is there. You can *also* set up a POP server to grab the same mail from your IMAP server. That'll hurt the first time you do it over a dialup line, if you're big on leaving things in your mailbox, but after that, things should be manageable.

You can also configure spamfilters either on your *nix box, or at the client. Whatever makes you happy. There are lots of preconfigured procmail filters in the world, so that probably shouldn't be too hard to figure out.

Configuring all this over a firewall can be fun, but I'm sure if you went with a product like smoothwall, there's probaby a FAQ out there somewhere.
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,297
Location
I am omnipresent
Only when delivered by bikini-clad Aussie babes (the kind that aren't covered in orange fur, thank you), of dubious virtue and strong attraction to bookish computer-types.

Reminds me of a Stephen Wright joke:

One day I got on the bus, and when I stepped in, I saw the most gorgeous blond Chinese girl.
I sat beside her.

I said, 'Hi', And she said, 'Hi', and then I said, 'Nice day, isn't it?'.

And she said, 'I saw my analyst today and he says I have a problem.'

So I asked, 'What's the problem?' She replied, 'I can't tell you. I don't even know you.'

I said, 'Well, sometimes it's good to tell your problems to a perfect stranger on a bus.'

So she said, 'Well, my analyst said I'm a nymphomaniac and I only like Jewish cowboys... By the way, my name is Denise.'

I said, 'Hello, Denise. My name is Bucky Goldstein.'
 

The JoJo

Wannabe Storage Freak
Joined
Jan 25, 2002
Messages
1,490
Location
Finland, Turku
Website
www.thejojo.com
My boss and a few other friends use smoothwall, seems to be ok and not too demanding to set it up. I'd recommend trying it.

And IMAP as Mercutio said would be a good. I would however suggest, if possible, to tunnel the unencrypted IMAP traffic through a SSH tunnel or something similar. VPN? IPSEC?
 

i

Wannabe Storage Freak
Joined
Feb 10, 2002
Messages
1,080
Tea, I'm no expert, and because of that I'd actually try something a bit more simple:

1) Install Mozilla on a system at work. You can set up Mozilla to check multiple mail accounts. The mail is kept neatly separated reflecting the different accounts from where it came (it's hard to explain what the end result looks like without a screenshot, but it's very well done). Use a filter to tell Mozilla to flag incoming mail from your mother, and divert it away from the spam avalanche to a folder or account (or just flag it) where you will never miss it.

2) Install VNC on said mail-checking system, and configure it so that it can be tunneled via SSH (see here, or perhaps better yet here, which outlines "Zebedee" - an option for VNC that I've been hearing about more frequently these days ... apparently it's easier to set up than SSH, especially on Windows systems).


I think this would solve your problems. You only have ONE computer checking all your mail accounts this way. When you're at home and you want to check your mail, or reply to a message that's sitting in your inbox at work, you just use VNC to access that computer remotely from home. A firewall would add further protection ... you could only allow connections in to your work system from your home IP.
 

i

Wannabe Storage Freak
Joined
Feb 10, 2002
Messages
1,080
If you want to run a mail-checking system at work, but would like to use OS/2...

It looks like there might be a VNC option for OS/2 (look under the "Contributed" section at the VNC site, specifically "New Platforms"). The contributions from Bosse Nyström seem to have moved (I didn't search to find them), but Akira Hatakeyama's page is still up. He suggests looking through a mailing list to find OS/2 VNC server software.

Akira's software is just the VNC client (the "viewer"), which is kind of irrelevant, because any web-browser that supports Java can function as a VNC client/viewer. You'd need to track down some OS/2 VNC server software if you want to run your work system on OS/2.

Mozilla is available for OS/2.

The only other thing you'd need would be an SSH package for OS/2. There must be one of those out there though, right?


Or you could just set up the mail-checking system at work as a Win32 system. That'd be a lot easier. :)
 

James

Storage is cool
Joined
Jan 24, 2002
Messages
844
Location
Sydney, Australia
1. Firewall

If this is specifically a learning experience, then by all means set up a Linux box with Smoothwall. The minus side of this is the fact that there isn't actually much learning involved - Smoothwall is pretty much plug and play and there's a reasonable amount of assistance online to help you.

If you really want to learn about Unix and firewalling, you need a box running Linux or (preferably, my personal bias) FreeBSD, sufficient knowledge on how to harden the OS, and something like the FWTK. Knowing what I do about you I can confidently state that you do not now and will not for the foreseeable future ever have enough time to do this.

My suggestion is to buy an integrated firewall/switch/WAN device such as this Accton 4 port unit or this 8 port one which retail for AUD205 and AUD290 respectively. The Accton devices also have a print server which allows you to share a printer across the network - they're a great deal, and the guts of all these kinds of products are all made by the same Taiwanese company anyway so you may as well get the cheapest on offer.

You can get additional 8 port 10/100Mb/s switches for AUD65 each retail apparently, which is absolutely amazingly cheap.

2. Mail server
Mail servers are tricky beasts to run, it's important to get them absolutely correctly set up the first time round or they will continue to create problems forever. As was suggested by Merc earlier, the easiest way to do what you're asking is to run an IMAP mail server, and use Fetchmail to collect mail from the various accounts, then run it through Procmail for spam filtering. I ran exactly this setup at home for a long while. Again, my concern is that you simply don't have the free time available to devote to learning all this stuff.

The other point to bear in mind with this is that straight away it creates a security risk - you have to open up port 143 for incoming IMAP requests from you at home. You may also need to open up port 25 on the firewall to allow incoming mail delivery. Then both incoming ports need to be NATed to your mail server. And guess what the two of the most insecure services out there are? Yep, IMAP and SMTP. Plus, the NAT configuration is not necessarily a piece of cake.

If you're determined to follow this route, I like FreeBSD as mentioned earlier (in my not so humble opinion, it's much more like a real Unix than Linux, and I find it more stable. Minus side is that it has a steeper learning curve). For mail, qmail is really the only sensible mail delivery agent to use. Apparently Courier has a strong IMAP4 server, but it's tricky to configure the whole package. (To be fair, qmail isn't a walk in the park for the neophyte either.) Everyone tends to use Washington U's IMAP4 server as Mercutio suggested, but like the wu-ftpd it has some potentially serious security holes in it and I would steer clear of it unless ease of setup is paramount.

My preferred solution for you would be to outsource your email to someone like Everyone.Net. They offer 10MB of space for each of 5 POP- or web-accessible mail addresses, for about AUD75 per year. I use these guys and they've been pretty good. They also do limited spam blocking themselves.

www.runbox.com offer much the same service but give you 100MB instead, and it seems a bit more flexible. It's USD35 per year.

More interesting to you are people like MyRealBox - they're run by Novell, so they're likely to be solid, and they offer IMAP access which probably suits you better than POP services like the two above.

Perhaps even better is Fastmail.FM where for USD40/year you get IMAP, POP etc. access, 150MB of storage, 10 addresses, and a whole pile of other stuff including virus scanning, spam protection and so on. There's also an area to dump files up to a certain size which you can then access from anywhere with a web connection. I haven't tried these guys but having found them I think I'll change to 'em when my Everyone.Net account expires. You can even resell addresses to your customers/friends if you want. The only minus point is that use of your own domain becomes a bit expensive.

Occasionally you'd have to move mail off your IMAP account to a local machine to stop you running out of space online. This is an easy process and takes a minute or two.

Finally, whatever you do, move your domain(s) to www.zoneedit.com. It's free for less than 1 million DNS requests a year, and it gives you a lot more flexibility over how your domain is handled. You can integrate it with your home machine and make sure that whatever.redhill.com.au points at your dynamic IP address at home. You can also do e-mail forwarding from Zoneedit's control panel.

3. Junk mail filtering
I think I've discussed this above. I would try to get your e-mail provider to do it for you. It's likely that the various client-side spam filtering programs like Junkspy might not work with IMAP.

In short, while you can certainly do all these things yourself, I really can't see the advantage in doing so. You're busy and you don't need any other stuff to take up your time, plus actually finding the time to learn everything you'd need to know just seems to me unrealistic. Heck, I know how to do all this stuff, I have the equipment set up, and yet I still outsource it to other people. It means I don't have to worry about it, it's much easier to manage, and if it doesn't work, it's someone else's problem (plus, timezones mean that any broken things are usually fixed overnight Australia time and I never even see the problem). Plus, I'm sure I'd put more than USD40-60 worth of my time a year into running a mail system - why would I bother? I have much better uses for my time and I'm sure you do too.
 

Pradeep

Storage? I am Storage!
Joined
Jan 21, 2002
Messages
3,845
Location
Runny glass
Tea said:
Awesome! I can't believe how fast this is! (Yup, my cable is on at home. Next the office.) Wow!

Bastard! Now tell me about the DL limits so I can feel slightly less jealous of you. :cry:
 

Tea

Storage? I am Storage!
Joined
Jan 15, 2002
Messages
3,749
Location
27a No Fixed Address, Oz.
Website
www.redhill.net.au
2.5GB a month on each line, Pradeep, so 5GB total. 11c a MB if you go over the limit. Plus, all you can eat (which doesn't count towards your 2.5GB) between 1:00AM and 7:00AM. Cost is $99 setup plus $75 per month (for each line). They don't seem to care what I do with it. Unless it's hidden really well in the fine print somewhere.

Oh, and for the business they reserve the right to quote a higher installation charge. When they see my building, they will do just that if they have any sense. Cabling in this place is a nightmare. I won't mind if they quote an extra $100 or two. I[]/i] woiuldn't do it for $99, that's for sure.
 

Tea

Storage? I am Storage!
Joined
Jan 15, 2002
Messages
3,749
Location
27a No Fixed Address, Oz.
Website
www.redhill.net.au
Just slipping in for a quick note of appreciation to all - James and Mercutio in particular - I'm going to be tied up with taxation paperwork for he next few days, so I won't get to read and explore the material here in any depth for a while, but I will get to it. Right now, I have simply disabled the NIC on my home box (after a brief surf). Tonight, I'll take some bits and a spare hub home and set up a Smoothwall box there ("easy", and "nothing to learn" sounds good to me James!). The office setup can wait. I don't have the cable here yet anyway.

I'm happy with Junk Spy, so I guess it's the firewall side to work on next. The mail server (or whatever solution) can come last.
 

Cliptin

Wannabe Storage Freak
Joined
Jan 22, 2002
Messages
1,206
Location
St. Elmo, TN
Website
www.whstrain.us
Tea said:
Just slipping in for a quick note of appreciation to all - James and Mercutio in particular - I'm going to be tied up with taxation paperwork for he next few days, so I won't get to read and explore the material here in any depth for a while, but I will get to it. Right now, I have simply disabled the NIC on my home box (after a brief surf). Tonight, I'll take some bits and a spare hub home and set up a Smoothwall box there ("easy", and "nothing to learn" sounds good to me James!). The office setup can wait. I don't have the cable here yet anyway.

I'm happy with Junk Spy, so I guess it's the firewall side to work on next. The mail server (or whatever solution) can come last.

If you have any questions, I've been running Smoothwall for all of this year. It's always done me right.
 

time

Storage? I am Storage!
Joined
Jan 18, 2002
Messages
4,932
Location
Brisbane, Oz
Tony, you might have to organize some of that cabling yourself, or at least get an electrician to put drawstrings through. There's a limit to what the cable installation guys are prepared to do. Don't forget they're not on Optus' payroll.
 

Buck

Storage? I am Storage!
Joined
Feb 22, 2002
Messages
4,514
Location
Blurry.
Website
www.hlmcompany.com
Although not a Journeyman, I'll be happy to accept an all expenses-paid to Ballarat to properly wire the Redhill shop and the Kings roost. :mrgrn:
 

Tea

Storage? I am Storage!
Joined
Jan 15, 2002
Messages
3,749
Location
27a No Fixed Address, Oz.
Website
www.redhill.net.au
Damn it Buck, I'm three parts inclined to send you those tickets right away. (An extra one for my friend the Bartender, of course.) Plus, just in case you need an extra bit of advice or help with it, a ticket for Mercutio. Only problem I have with that is that Tannin seems to have secreted his credit card somewhere I can't find it. Sigh. Oh, and I'll see if I can find a nice bikini-clad girl for him. There is a very cute little chimp down the road a piece, should I give her a call? Or would Mercutio prefer one with no fur at all? (Well, most human girls have fur on their heads, but I guess he doesn't mind that.)

Cliptin: thanks for the offer. I took an old system home just now - a 6x86MX-200 with 32MB and a 2.1GB hard drive - and I'm downloading Smoothwire as I type. I'm getting 20KB/sec, which considering this is peak usage time over here (6:30PM) is great - roughly 10 times faster than many of my modem downloads, about five times faster than Dingo Blue were at their best. I'll sing out if I strike a problem.
 

Cliptin

Wannabe Storage Freak
Joined
Jan 22, 2002
Messages
1,206
Location
St. Elmo, TN
Website
www.whstrain.us
I found it easiest to start the installation with only one NIC in place. The last time I installed, The NIC auto detect would try to use the wrong NIC for GREEN. Just choose GREEN + Modem or ISDN. Then go back after everything is finished and change it.
 

Tea

Storage? I am Storage!
Joined
Jan 15, 2002
Messages
3,749
Location
27a No Fixed Address, Oz.
Website
www.redhill.net.au
Ahh. Yes. Next time, I'll make sure that I use two different NICs. This little box has two identical ones (brand new Realtek 8139s) and I had no way of knowing which one was red and which one green, so I just figured that I had a 50% chance of getting it right and plugged it in at random.

My internet works. Does this mean I guessed right?
 

Tea

Storage? I am Storage!
Joined
Jan 15, 2002
Messages
3,749
Location
27a No Fixed Address, Oz.
Website
www.redhill.net.au
Er, that wasn't very clear. How come I have cable now but I still type slow?

What I meant was that I set it up as red & green and then just plugged my two network cables in at random.

I'll read up on this properly when I get a half chance in a few days, but for now, just the short version - is there anything I absolutely, positively have to do to be reasonably secure bar just install the thing?
 

i

Wannabe Storage Freak
Joined
Feb 10, 2002
Messages
1,080
After setting up any firewall, if I can't find a way to run nmap or some more complicated tool to test my firewall, I at least go here:

http://www.grc.com/default.htm

It's cheap and cheesy, but depending on what you've got running on your system, it may give you some indication that your firewall is working. Or not.
 

i

Wannabe Storage Freak
Joined
Feb 10, 2002
Messages
1,080
i said:
After setting up any firewall, if I can't find a way to run nmap or some more complicated tool to test my firewall, I at least go here:

http://www.grc.com/default.htm

It's cheap and cheesy, but depending on what you've got running on your system, it may give you some indication that your firewall is working. Or not.

Sorry ... someone came to the door and I just clicked "Submit."

When you get to that page, click on the "ShieldsUP!" link. Then run the dorky "Test My Shields" and "Probe My Ports" options.

Like I said, cheap and cheesy, but it's something.
 

Tea

Storage? I am Storage!
Joined
Jan 15, 2002
Messages
3,749
Location
27a No Fixed Address, Oz.
Website
www.redhill.net.au
Thanks i, looks good so far. I can see that I have a great deal of reading ahead of me just the same.

More generally, the setup of Smoothwall was so easy that I'm inclined to think I'll do the office that same way. It means an extra machine, of course, but it obviously need not be powerful. The one I'm using here is a 6x86-200 Classic (not am MX, I was mistaken in my earlier post) with 32MB RAM and that is heaps. It installed in, oh, five or ten minutes. So another PC in the 200MHz class should be easy enough. The only thing I have to do is find some space for it somewhere. And put up with the (minimal but still present) extra noise and power consumption. The ideal thing, I guess, would be an old laptop. One with a broken screen would do just fine. Provided, of course, that I can figure out a way to get two NICs into it without buying PCMCIA ones, which cost a fortune. Maybe I have some old 10MB/sec ones lying around somewhere. (Actually, it wouldn't be finding the LAN cards that would be the tricky bit, it would be finding the damn dongle cables to go with them.)
 

Cliptin

Wannabe Storage Freak
Joined
Jan 22, 2002
Messages
1,206
Location
St. Elmo, TN
Website
www.whstrain.us
Tea said:
Ahh. Yes. Next time, I'll make sure that I use two different NICs. This little box has two identical ones (brand new Realtek 8139s) and I had no way of knowing which one was red and which one green, so I just figured that I had a 50% chance of getting it right and plugged it in at random.

My internet works. Does this mean I guessed right?

If it works it works. :)

What happened to me is that I wanted to use a 10Mb NIC for RED and a 100Mb for GREEN. When the software would autodetect which NIC to use for GREEN it would always find the 100Mb NIC and not let me pick the other. I solved the problem by limiting it's options to one.

Glad your setup, don't forget to apply all the updates!
 

James

Storage is cool
Joined
Jan 24, 2002
Messages
844
Location
Sydney, Australia
Tea said:
Tonight, I'll take some bits and a spare hub home and set up a Smoothwall box there ("easy", and "nothing to learn" sounds good to me James!).
Tony,

It's interesting the interpretation you put on my advice ;) - I was recommending not using Smoothwall on the basis that a router/firewall/switch unit probably has a real cost that is less than even the boxes you're talking about, a lower management overhead, less power consumption, less noise, and comes with someone to yell at if things break.

As you've discovered Smoothwall isn't really a good learning experience because there's really very little to learn. For my money therefore I'd just plonk an Accton box in and get it to do all the work and learn firewalls seperately, the hard way.

Anyhoo, it's your time, money and network - and my advice is just that, advice. You're entirely welcome to do whatever you like, just don't come whining to me if your solution ends up being problematic. :mrgrn:
 

i

Wannabe Storage Freak
Joined
Feb 10, 2002
Messages
1,080
Tea said:
Ahh. I see your second post now. No matter, I figured it out.

Tell me, what makes them cheap and cheezy?

Well, Steve Gibson is a very knowledgeable guy, but he has a bit of a reputation for occasionally being a sensationalist. You're right though, it works fine for what it sets out to do ... it's just limited in terms of the ports it checks. Like I said, it works as a quick test after I've set up a new firewall. I run the tests on his site from a system behind the firewall to make sure the firewall isn't blatantly broken.

And certainly some of the other software tools you can download from his site are very good.

Tea said:
Are there better tools I should be checking with?

Yes, probably. "nmap" is a port-scanning utility that many people use to ... uhh ... "test" servers. (Not necessarily servers they own.) Truthfully I've always had a friend of mine run the nmap port-scan against my systems from his (far away) network. That means my firewall gets tested in a "real world" environment. The downside is, I've never bothered to learn how to use nmap myself. It's on my list of things to do though.

Anyone here knowledgeable with nmap or some similar tool? It's about time I learned how to test a system for open ports or other weaknesses.
 

Tea

Storage? I am Storage!
Joined
Jan 15, 2002
Messages
3,749
Location
27a No Fixed Address, Oz.
Website
www.redhill.net.au
Ahh, James. I'm not ignoring your advice. :) As I mentioned, I'm up to my eyeballs in other stuff right now, so I won't be paying proper, thoughtful attention to this till I get the horrible paperwork out of the way. About the end of this week, I hope. But in the meantime, I need something that works and doesn't require too much effort. So Smoothwall seems to fit the bill very nicely. Keep it later? Or replace it? I'll think about that next week.

As for costs, well, you are right about power consumption and noise, but there doesn't seem to be any management overhead and the total cost of the Smoothwall box to me is zero - I have any amount of old computer gear in the 200MHz class lying around the place, including stuff I want to keep for my collection (such as the weird black anodised 2.1GB Quantum drive I used for my home Smoothwall box) and thus won't be selling anyway, so it might as well do something useful. My total net cost was about $50 for the two NICS. I should really have used two old, otherwise useless 10MB/sec ones, but I got an attack of the lazies and just used new ones.:(

At this stage, I plan to restrict my learning to discovering something about email protocols. I have no idea how POP and SMTP actually work, never mind fancy stuff like IMAP, so I guess I'll do some boning up on that so as to be able to set my mail server (or appropriate substitute) up, and so as to make at least some sort of hole in my ignorance. But not this week, alas. First I have to present the tax man with many and various bits of paper with numbers on them. Hopefully, I'll get the numbers in all the right places.
 

Tea

Storage? I am Storage!
Joined
Jan 15, 2002
Messages
3,749
Location
27a No Fixed Address, Oz.
Website
www.redhill.net.au
PS re installation of cables: Time, I gather that they don't care how much work they have to do, just so long as I don't care how much money I have to give them. I could probably buggerise about and save $50 by hiring someone else (well, maybe save $50), or save a fair bit more than that by doing it myself. But that would require that I do actual work on a weekend. :( So, unless they quote some ridiculous amount, I'll just pay whatever extra they ask and be done with it.
 

time

Storage? I am Storage!
Joined
Jan 18, 2002
Messages
4,932
Location
Brisbane, Oz
Hypothetical example: the cable is routed through the roof cavity and you want to run it down inside an internal wall to a socket about 30cm above the floor. For this you need a noggin drill, which is a drill with a bit about 120cm long.

Cable installers don't carry this kind of gear. Plus they work solo, so are somewhat limited in what they can do in when routing cables.

Actually, this is not a hypothetical example. Cost for an electrician to spend an hour buggerizing around with monster drill and feeding drawstring: under AU$50. This is because electricians only charge about AU$30-40 an hour, whereas 'cable' installers (through the telco) are (at a guess) about triple that.

The point I'm making is that if you want the cable snaking through walls etc to the heart of your building, you may encounter resistance from the installer. Their strong preference is for an outside wall. Just a cautionary note.
 

Tea

Storage? I am Storage!
Joined
Jan 15, 2002
Messages
3,749
Location
27a No Fixed Address, Oz.
Website
www.redhill.net.au
Ahh.. Thankyou Time. They are going to quote for the job before they start, so I'll see what their quote is. If it's too high I'll do it myself. Or, more likely, chicken out and call the sparkie.
 
Top