Linux Journal: A Few Recipes for Easier FirewallsSep 16, 2000, 22:04 (0 Talkback[s])
(Other stories by Marcel Gagné)
"François! You call that a security notification? The message must contain more information than ``This is a test of the emergency security broadcast system'', if any self-respecting system administrator is going to be able to act on it. Qu'est-ce que je vais faire avec toi? François, what are you looking at? What? Oh, mes amis, forgive me. I did not notice your arrival. We were setting up some new security policies on our Linux servers, and François had written a script to detect my port scans and I was completely distracted."
"François! Wine for our friends. Vite! Vite! Come, mes amis. Let me show you to your tables. As you get comfortable, I should tell you about this message my waiter had the system send out. I did a thorough port scan on the system, and all he sends as notification is that old ``This is a test of the emergency et cetera'' type of message. Not much of a description, non? You know, when I was younger and they had those messages on television, I always suspected that if there had been a real emergency, we would not have gotten the message because those who knew of the problem would already have been in hiding. A little joke, mes amis. Ah, François. Yes. An excellent choice of wine. You will like this one, mes amis, a superb 1995 Montrachet. Please pour, François." "Security, as you know, is very serious business indeed. Every day, we hear of damage caused by viruses, of new exploits through which crackers compromise systems. For those of us in the information technology restaurant business, these are challenging times. We must be ever vigilant. A good firewall, then, is an excellent beginning. But how to do it simply is the question, non?"