Mike@SecurityWriter it was either this or sleep.
guenthersince when is iptables a "dedicated network device"?
@guenther @SecurityWriter I’d never be caught dead deploying a white box PC with some PCI network cards and IPTables as a firewall in production. I’m a professional.
I used FreeBSD and Packet Filter.
Simon Fondrie-Teitler@guenther @mikemacleod @SecurityWriter since it can direct traffic in addition to restricting I feel like it belongs in the middle bottom instead of the top right.
Maisie SummersA boss of mine once used an old PC, put four network cards in it, and set up traffic handling rules with Linux. With the four cards we had external internet trunk, our external web server, our internal intranet server, and our external office connections.
Remember he was delighted one day sitting there watching someone in China pinging our system, and the pings falling into a black hole he'd set up.
Matt Palmer
Mike (no, the other one)
Hannah@mikemacleod @SecurityWriter Every device can be a firewall if you operate it wrong enough.
ravenlb@mikemacleod someone needs to put this in the Louvre, incredible
Michał "rysiek" Woźniak · 🇺🇦@mikemacleod thanks, now I need to clean the spat-out coffee off of my screen.
VL
@mikemacleod Where is NAT on this chart? Somewhere near WRT54G?
raminfOnly one can create true security: a working Air Gap.
@raminf @SecurityWriter what is an excavator if not spontaneous air-gap as a service (AGaaS)?
Ethan
Cat Pandering@mikemacleod @SecurityWriter Important to start learning early. My toddler's first firewall.
WanderingBeekeeper@mikemacleod @SecurityWriter yeah, I think we've all had excavators in the data path at some point in our careers.
Elyse M Grasso@WanderingBeekeeper @mikemacleod @SecurityWriter In the late 80s at a meeting about implementing T1, an AT&T rep mentioned (admiringly) that one of their competitors had bought a lot of cable routes in gas line rights of way. He said people running backhoes pay a lot more attention to signs that say 'warning: gas line' than to signs that say 'warning: telephone line'.
(Nonetheless, when I put the power lines to my house underground, the excavator managed to cut the gas line twice...)
(Nonetheless, when I put the power lines to my house underground, the excavator managed to cut the gas line twice...)
Daniel C 👁️🐝Ⓜ️
Daniel Pache⚓
Resuna@mikemacleod @SecurityWriter Green Ethernet is a firewall.
Oh you turned off that port because the server is sleeping with WoL and hasn't sent any traffic and you don't send the WoL wake up packet because you turned off the port.
Kelly Guimont@mikemacleod well that lives in my work Slack now...
Renalia@mikemacleod @SecurityWriter interesting the Excavator is the only firewall that can be employed retroactively :3
"haha we stole your data through your unsecured internet!...wait... what's that rumbling?"
Karyx Dragon@mikemacleod @SecurityWriter Fibre-seeking backhoes *do* make effective firewalls :)
CJ@mikemacleod Spanning tree being on this is really next level insanity.
@crh it was either that or “rogue DHCP server”
@mikemacleod I think you should add a rodent operating the excavator. Squirrel, rat, etc.
Bill, organizer of stuff@mikemacleod @SecurityWriter Having lived through "Excavator is a firewall" and "Don't run the backup fiber through the same electrical duct as the primary," I can vouch for this.
Wayne Werner@mikemacleod @SecurityWriter A shark is a firewall
@mikemacleod @SecurityWriter A strong pair of scissors makes a great layer-1 firewall.
Stuart Longland (VK4MSL)I have a colleague that calls anything that features more than two Ethernet ports as a "router", whether it does anything at layer 3 or not.
lawnerdbarak@mikemacleod @SecurityWriter anything is a firewall if you use enough fire.
Cassandrich@mikemacleod @SecurityWriter Aww you redefined the axes. Otherwise I was gonna say "nope, all firewalls are lawful evil".
@mikemacleod @SecurityWriter nice, but where is OpenOffice in this chart
mari 💜@mikemacleod Missed opportunity for "NAT is a firewall"
artisanroxI was just telling people of my appreciation for the mix of form and function...and here is proof, right here in my WRT! 
🤟 
🤟
David A. Pirata Informático @mikemacleod @SecurityWriter After having a 24 hour outage due to a fibercut, this is perfect.
@riskymanag3ment @SecurityWriter it’s not an outage, it’s the spontaneous implementation of an air gap security solution.
All your base are belong to us@mikemacleod @SecurityWriter The last image reminds me of the phrase "back hoe fade margin".