IWETHEY v. 0.3.0 | TODO
1,095 registered users | 1 active user | 1 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

New OpenBSD CARP - Suwheett!
[link|http://www.openbsd.org/cgi-bin/man.cgi?query=pfsync&sektion=4&arch=&apropos=0&manpath=OpenBSD+3.8|http://www.openbsd.o...npath=OpenBSD+3.8]

Time to install OpenBSD on a pair of boxes - 10 minutes.
Time to setup a NATting firewall - 10 minutes.
Time to setup a pair of failover/failback NATting firewalls - 11 minutes.

Time for seemless failover to backup firewall, maintaining all active connections - 5 seconds.
New Did you actually do this Barry?
If so, at work? and If so, How the HELL did you pull that off?
--
[link|mailto:greg@gregfolkert.net|greg],
[link|http://www.iwethey.org/ed_curry|REMEMBER ED CURRY!] @ iwethey
Freedom is not FREE.
Yeah, but 10s of Trillions of US Dollars?
SELECT * FROM scog WHERE ethics > 0;

0 rows returned.
New Proof of concept
Currently running in my office, "protecting" me from the rest of the company.

IF (and that is a big IF) we continue along this path, it will be part of a line-of-business segmentation of the network.

We'll probably end up getting a bunch of 3 Gbit port utility boxes to run it on.
[link|http://shopping.hacom.net/catalog/product_info.php?products_id=76|http://shopping.haco...hp?products_id=76]

I figure I'll need 8 boxes for 4 networks worth of isolation.

Right now I have 1 bridging OpenBSD box used to firewall a bunch of vendor equipment. The boxes used to crash about every 5 days. Vendor said it was our crappy network (their code was REALLY fragile). It has been in place for a month with no crashes.

The boss really like OpenBSD for security / utility boxes.

We have a new security guy starting in a couple of weeks. He might quash any non-Cisco solution. So I'll have to get not so attached to this.

On the other hand, I'm going to CISSP boot camp in the next month or so, which means I'll be "qualified" to argue with him.
New LRPD says:
Now it's time for a little bragadoccio while I swing my arms like Ralph Macchio.
===

Purveyor of Doc Hope's [link|http://DocHope.com|fresh-baked dog biscuits and pet treats].
[link|http://DocHope.com|http://DocHope.com]
New And follows up with:
A battle between the engineer and the laws of nature.
===

Purveyor of Doc Hope's [link|http://DocHope.com|fresh-baked dog biscuits and pet treats].
[link|http://DocHope.com|http://DocHope.com]
New And we all know how painful THAT can be...
--
[link|mailto:greg@gregfolkert.net|greg],
[link|http://www.iwethey.org/ed_curry|REMEMBER ED CURRY!] @ iwethey
Freedom is not FREE.
Yeah, but 10s of Trillions of US Dollars?
SELECT * FROM scog WHERE ethics > 0;

0 rows returned.
New Dead. Hit by a flying pig
--\n-------------------------------------------------------------------\n* Jack Troughton                            jake at consultron.ca *\n* [link|http://consultron.ca|http://consultron.ca]                   [link|irc://irc.ecomstation.ca|irc://irc.ecomstation.ca] *\n* Kingston Ontario Canada               [link|news://news.consultron.ca|news://news.consultron.ca] *\n-------------------------------------------------------------------
Expand Edited by jake123 Jan. 8, 2006, 12:19:15 PM EST
     OpenBSD CARP - Suwheett! - (broomberg) - (6)
         Did you actually do this Barry? - (folkert) - (5)
             Proof of concept - (broomberg) - (4)
                 LRPD says: - (drewk) - (3)
                     And follows up with: - (drewk) - (2)
                         And we all know how painful THAT can be... -NT - (folkert) - (1)
                             Dead. Hit by a flying pig -NT - (jake123)

LRPD in a coma, I know, I know... it's serious.
47 ms