7/13    I'm thinking about getting a Soekris 4501 to replace my the P2-400
        that is currently acting as my home firewall. Has anyone used a
        Soekris system for this purpose? If so, how well does it work? Also,
        if there are any alternatives (similar power/form factor), I would
        appreciate links to those as well. tia.
        \_ John got me to use a WRAP box similar to Soekris.  I use this one:
	...

8/3     Similar to the post below, I'm planning to set up a machine outside
        of the firewall and I'm considering FC3/4 or RH9, and maybe others
        too. Since it's outside of the firewall, security is a concern. In
        addition, manageability is a huge issue for me as I'm not intimately
        familiar with RPM package resolutions. What do you guys suggest?
        \_ Whatever you do, I'd recommend at least looking at selinux.  For
	...

4/29    I hate ipsec, so much.  It's like some twisted joke:
        "OpenS/WAN, a Cisco PIX, and a Sonicwall walk into a bar, and
        the bartender says, 'you got your PFS in my NAT-T!'"
o/28    Damn it, people, entertain me.
        \_ http://www.firefoxflicks.com/flick/index.php?id=19542&c=false
	...

3/14    I'm looking for a good tutorial/howto for setting up IPSEC
        on my *BSD router/firewall. Basically I want to be able to
        access my home network while I'm on the road (iBook w/ OSX
        10.4), and I don't want to set up a bunch of SSH port forwards
        to talk to various services. Any pointers?
3/14
	...

3/2     Has anyone seen this?  Should make a good firewall appliance.
        http://www.linuxdevices.com/news/NS3880195342.html
        \_ With only one nic?  I suppose you could use the USB..
           Wonder how M0n0wall would do on this..
           \_ I could ask Manuel (the guy who put M0n0wall together) if you're
              interested--we have him on retainer on one of my projects. -John
	...

2/13    Do I really have to point my cisco pix at some cert. authority
        if I want to use keys (instead of "pre-shared secrets") ?
        I can't just self sign?? wtf?
        \_ Actually, why not just create a CA signing cert with OpenSSL
           (it's not that hard), sign a cert with that, and then import the
           CA public key into pix?  Or use a static passphrase for phase I
	...

2/15    I'm trying to get someone setup on iChatAV but it appears that their
        ISP is blocking port 5060 (the SIP port) in order to promote their
        own VoIP products. Does anyone know of any clever ways to circumvent
        this (like port forwarding, proxy, etc.)?
        \_ Yeah--get a decent firewall (I'm going to keep on mentioning
           M0n0wall on WRAP) that does port NAT.  That, or IPSEC, although
	...

1/21    I am trying to setup a small network for my girlfriend's
        mom's company.  They just bought an accounting package
        which requires windows 2003 server.  And they want internet
        access from each computer.  How should the network be setuped?
        Would it be dumb to use static IP for each computer and a
        computer as internet gateway?
	...

1/2     Which Windows anti-virus software do you trust/recommend?
        \_ Linux
        \_ I think the general consensus is that Kaspersky is the best AV
           program you can buy.  Among the free AV programs, Avast! is well
           regarded, followed by AntiVir.  ClamAV seems pretty good if you
           want to go open-source. --jameslin
	...

10/9    Dear MOTD, I'm looking to give a bunch of windows users access to a
        filesharing solution on a unix box.  They're not terribly technical,
        and have mainly browser access.  Is there some sort of open source
        web based toy running over SSL that mimicks what they would see on a
        windows fileshare, with drag&drop/copy&paste?  -John
        \_ WebDAV on Apache might work for you. I think that recent
	...

9/27    Are there routers out there that do bandwidth limiting or
        protocol priority? I run a LAN in my house but my roomates
        seem to hog up connections making my SSH connection intolerable.
        \_ http://www.m0n0.ch/wall + http://www.pcengines.ch  -John
        \_ Think the term you are looking for is traffic shaping
        \_ Some manufacturers sell a "gaming router" which traffic shapes on
	...

7/17    Got any recommendations for the WiFi service(s) in the South Bay?  My
        main concerns are security (I am a WiFi idiot.  Just want to make sure
        that my WiFi transmittions are secure.  Is this possible?), stable
        connections once I am connected, and widely available.  Some of the
        Starbucks branches have been referring me to T-Mobile, but the T-Mobile
        does not seem to have a full list of the available WiFi spots it
	...