Vivat-egad!
Quite possibly the worst Vivato Install I've Seen.
The naked panel weighs 42lbs. The observation deck is some 1100 feet above ground level. Wind gusts of over 60mph are common on top of the tower. The naked panel has an area of 1/2 square meter, or 5.8 square feet.
F= ((Vg^2)(A))/390
where:
F= Horizontal force, in pounds.
Vg = Wind velocity in mph.
A = Surface area, in ft²
A 60mph gust will generate 53 pounds of force at the top of that mast. An 80mph gust will generate almost 100lbs of force. Thank God for the safety fence.
Jim on 04.27.05 @ 05:56 AM PST [link]
The Ultimate Corporate Firewall
If you’ve ever dealt with network security (crackers, firewalls, viruses and so on), you know there is one ultimate trump card in an emergency: cut the cord! If a worm is running loose on your network, or a DoS attack is killing your server, sometimes it is just best to unplug from the Internet entirely until the problem is resolved.
Of course, in a small network this is easy to do manually. But in a larger network the critical cable might be several floors away, hidden in the back of a cluttered wiring closet.
And what if you are not on-site? You may have just gotten notice of the problem via a remote monitoring device on your pager, and nobody is in the office at this hour to unplug it. Seconds can count in emergencies!
For this device, a tiny electrically operated guillotine would be connected to a dedicated phone line. The critical cable is then threaded through the guillotine. When a problem occurs, you call the connected phone, punch in a security code, and the guillotine is “fired” through the cable, severing it. As confirmation on the phone line, a sultry female voice with an obvious French accent would confirm, "Qu'ils mangent de la brioche"
Of course, there are practical alternatives, but they don't squeak in French, and you'll need to get through the network to access them.
On a somewhat less fanciful note...
A long time ago, there was a company named Smallworks. We built firewall and VPN gateways on SunOS and WinNT platforms. The product was called "Netgate". We received many fine reviews.
We even built a Border Gateway Protocol (BGP) 'listener' (in Java) that could tie the eBGP4 feeds from the MAPS RBL service into NetGate firewall rules. This software would allow customer sites to completely block providers of UCE from contacting their constituent networks. The code to the listener was placed under the LGPL, and eventually used in several university-level Java programming classes.
This was all somewhat before technologies like GNU/linux and freebsd were stable. The SmallWorks "Netgate" product was "source available". You could buy the source to the entire system for, IIRC, $2,500, while binaries were $1,500. We made the source available not out of any "open source" spirit, but rather so those customers who wanted to inspect the code, could. We pre-dated the Checkpoint patents by at least a year. Many years later, when Darren Reed caused a huge upset by "pulling" permission for ipf, the packet filter used by linux, freebsd, netbsd and openbsd, I offered the code to Netgate under any appropriate open source license requested, as a replacement. The BSD family moved toward pf, while linux has replaced its firewall technology with every major release.
We had some killer customers back then: Cadence, Tivoli, Bank-One, Raptor and fantastic licensing deals with Elvis + and Sterling Commerce.
I closed the business in 1998 when I went to Wayport to be the CTO. I told myself that I "wanted to learn about VC". Between Wayport and Vivato, (with a little bit of Musenki in the middle), I got my education. That single decision took six years of my life, but provided me with a very deep education of not only the pitfalls and practices of the Vulture Capitalists, but also a very nice education about subjects including 802.11, RF and embedded linux systems. I admit that I was confused how people could be making so much money building websites to sell pet food. Remember, it was 1998, and the dot.com gold-rush was on.
When AT&T decided to attempt to rip our registered trademark for "Netgate" for no good reason, we started using the name in commerce. The netgate you know today as a provider of 802.11 gear is the result. That's literally how we picked the name.
Lately I've taken up with the m0n0wall folks. m0n0wall is a great little firewall, VPN system that is "open source" (in the BSD sense). I started shipping it on our PowerG8 line mostly because it provides a "nearly there" solution that is adequate for most of our customers. We also run it here as the main gateway on a Soekris 4501. I'd tried pebble, but it sucked so badly that I kept looking. m0n0wall was simple: dd it to the CF card, slap the CF card into the system, apply power, and hit the webGUI. It was love at first sight.
So last night, Chris Buechler, who not only runs most of the documentation effort for m0n0wall, but also answers most of the questions on the m0n0wall mailing lists, sends email and says he installs m0n0wall for his customers, and he'd rather buy from us than one of our competitors. He wants a slightly different WRAP board in a simple case. He sent the mail at nearly 6pm HST. That's 9pm in California, and midnight on the East Coast for those of you stuck in the mainland.
We went to work, Jamie and I. A little back-of-the-envelope math, an email exchange with one of our suppliers, a couple web orders, and a bit of snarking around with OS Commerce, and we had a new product, the Netgate m1n1wall. (Get it?) Six hours got us a new product on the way to the warehouse, complete with tested code, documentation, and a support group.
So now I'm thinking of using the new BGPD from OpenBSD, and adding a similar MAPS RBL based Spam filter to m0n0wall. Now, I'm fairly sure that few people will want to put a 6 in by 6 in WRAP board in front of their entire mail system, but then, I haven't revealed all my cards yet. We have other hardware. Rack-mountable hardware. Rack-mountable hardware that has faster processors, more memory, more Ethernet interfaces, yet still boots off a CF card.
Heh heh.
Netgate is back, baby.
Jim on 04.27.05 @ 04:14 AM PST [link]