Greetings,
While I hesitate to clutter this list when Tom has been so great at
corresponding to troubled users, I feel compelled to speak up.
I discovered Shorewall around six months ago while looking for a management
suite for iptables for the deployment of our department''s private
network
which was to protect vilnerable Microsoft-based hosts and services from the
tumultious public network we sat upon. While starting my foray with a
rudimentary understanding of the power of iptables, my project got
exponentially easier with the discovery of the suite. Other proposed
solutions tried and failed at achieving the power Shorewall strived to offer.
Now, after a summer session of being live with Shorewall routing for our
NAT''ed hosts (~500 hosts; Windows workstations, servers, services,
etc), I
can do nothing but sing praises to colleagues in other departments. While
others are wrestling with the 3 week old MS RPC exploit compromising hosts
left and right on a public network as large as the university, we are
comfortable to boast that we have had not one compromised host. With that,
the popularity of Shorewall within the College of Engineering has drummed up.
Other departments are eager to implement similar solutions in an effort to
better protect the integrity of data and services.
I just wanted to voice my gratitude to Tom and everyone involved with
development of the Shorewall software suite. While it has undoubtedly been
voiced in the past by other pleased users, your contributions to constructing
a lightweight, intuitive solution which maximizes the powers of iptables have
helped make IT management easily something simpler to deal with.
Warmest regards,
Nick Silkey
LRC IT
Dept of Elec and Comp Engr
Univ. of Texas at Austin