[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Just noise: Leaving

On Sat, 7 Mar 1998, Christoph Lameter wrote:
> I have the impression not only that the list is not giving information but
> that it is misleading to people not knowing about firewalls. And the
> packages needed to build a debian firewall are already in place. I have
> severe doubts about the direction this thing is going and I have been
> using Debian for firewalls from the beginning. Some packages related to
> firewalling in Debian have been released by me.

Sorry, but this sounds like: here are the bricks, please build the house
yourself. I run my first Linux based firewall in June 1994. Since then I
installed dozens of firewalls, Linux based and commerciall firewalls.
I really know about what I'm talking.

We need the packages. But we need also some other things besides the
packages and a full featured Debian system. In the same sense that user
friedly setup tools are needed, in the same sense we need an easy to setup
firewall system. In this same sense Debian also needs an easy to setup
system for office use, and also an easy to configure system for a non
Linux/UNIX specialist.

Please don't expect that every user has the knowledge to
- select the appropriate packeges for a firewall
- and to configure them.

I also don't like to do always the same repeating tasks for every firewall
installation. I want some of the tasks automated, I want to give parts of
a firewall management to less knowledgable admistrators (like user
management for proxies). I also want an autitable system, preferably a
automatic auditing of the system setup against a formal description of the
security policy.

The today best selling commercial firewall attracts with a graphical
user interface. As a purist I don't like it, but this type of user
interfaces are expected from the users. A firewall system without a
colourfull windows interface could not be a good firewall, it could be to
complicated to setup it and to manage it. So the mind of decission makers
in the industry.

Besides the now (sometimes chaotical ;-) running discussion on
debian-firewall I expect some positive results from this list. This is the
first wide run discussion plattform about the _construction_ of a system
of this type.


Hubert Weikert   DB1MQ   Member of DARC (www.darc.de) and FITUG (www.fitug.de)
Email: weikert@cube.net  weikert@compuserve.com  http://www.cube.net/~weikert/
Book: Kryptographie mit dem Computer (PGP Praxis) ISBN 3-7905-1503-5  DM 19,80
Key = 21978C61  fingerprint = 99 38 A5 83 C8 76 F4 E1  A7 9C B9 70 9A A7 70 10

E-mail the word "unsubscribe" to debian-firewall-request@lists.debian.org
TO UNSUBSCRIBE FROM THIS MAILING LIST. Trouble?  E-mail to listmaster@debian.org .

Reply to: