Yeah, Yeah, Yeah….

Uncle AndrewUncle Andrew
Filed under: @ 9:13 pm

My blog has been up and down like a yo-yo for about a week now. I was twigged to it when my friend Scot reported being unable to reach Uncle Andrew dot Net. At first it seemed as though something bad had happened to my installation of Apache, so I un- and reinstalled it, which took a while. That’s okay; gave me the chance to upgrade to the newest stable versions of Apache, MySQL and PHP while I was at it. Never hurts to juice up the system with the newest releases. Okay, so sometimes it hurts, and on rare occasions it outright kills. But this was not one of those occasions.

However, after a few hours of installing, configuring and tweaking the brainstem of my Web server—the hours of 12:00am to 3:00am on a weekday, to be more precise—it turned out that the actual problem was my firewall software.

Now, technically, a blog being served out from a perch safely NATed behind a router that is itself a firewall appliance, on a machine that is filtering all incoming traffic through its own (admittedly rudimentary) firewall, should be fairly secure. I say “fairly” because no computer is ever totally secure, just like no sex is ever totally “safe”. But that much preemptive filtration should be well enough to keep the script kiddies from getting much of anywhere with my machine, and the true black hats would hardly be interested in fucking around with some random jackass and his piddly online soapbox. But I run too many services from this box (and therefore too many port-forwards through my firewall) to feel totally comfortable exposing my tender pink interfaces to the outside world without some extra medicine on board. It’s not enough to be all but certain that I’ve got the majority of my sphincters puckered; I want a second opinion, and firewall software can be a good resource for this. Cheaper than hiring a forensic network specialist to sit in my office with me and hold my hand.

Up till recently I was using Checkpoint Software’s Zone Alarm Pro, which—up until recently—I found to be an excellent and full-featured piece of security ‘ware. Problem is, something just started going wrong with it recently. I really don’t know what the problem was, but parts of the network driver add-ons that ZA installs started causing problems, most notably intermittent network shutdowns and—hilariouser still—random Blue Screens of Death. No amount of un/reinstalling, conflict hunting or system simplification would keep my system stable. So I chucked Zone Alarm and have been evaluating a few different packages since. One or more of these packages were more trouble than they were worth, which accounts for some of the other unexpected outages here at UAdN.

I think I’ve found a potential winner, but for the sake of paranoia I will refrain from naming the product, lest it come up later as having some heretofore unreported vulnerability that someone might exploit by Googling the name looking for those who use it. Yes, that’s highly unlikely, I know. But it helps me to sleep at night. Well, that and Benadryl.

If anyone has any recommendations of their own for reasonably-priced network security software for a home mail/Web server, I’d be delighted to hear about it. I’m always willing to tap the pool of knowledge resident in the vast herd of nerds that make up my social web. :mrgreen:

All portions of this site are © Andrew Lenzer, all rights reserved, unless otherwise noted.