[Gloucs] I-WORM/Opas.A - FIREWALLS

bjh gloucs at mailman.lug.org.uk
Wed Jan 1 17:56:01 2003


Thanks again Guy,

Now if there is any doubt in any persons mind about the need for a Firewall
PLEASE READ ON!

The saga continues:
ONE:
We now have our main host computer firewall protected with ZoneAlarm
following the virus cleaning of the Dos base system of Windows 98 using our
trusted AVG virus programme having removed all network drivers and of course
the Sitecom Wireless Adapter..

TWO:
Having carried out the same virus cleaning process on our slave computer
(no:2), we had problems getting the two computers talking to each other
having re-installed the Network Adapters and drivers required..

THREE:
I decided to direct connect our "slave number two" computer to the net
(WITHOUT FIREWALL PROTECTION) and check for Microsoft Updates...

When connection was made with the Microsoft site, our dear friends system
said that we needed to re-load some updates, and in particular the Service
Pack for Internet Explorer 6 (which had previously been installed - remember
we do download updates as a matter of course!).

When the download finished the usual "you need to re-start your computer"
message came on screen, which we proceeded to do..........................

Now our reader is probably getting bored with all this and wants to get to
the point of this tale.....

OK - so on computer re-start - what did we get???
You guessed right, all the viruses were back in the system!!!!!!!!!!!!!!!!!
This time with one extra virus that stuffed the system completely blocking
every attempt to get to a Dos command prompt, whatever method used (even the
F8 key trick on startup and using startup and system boot disks)..

After many different attempts to recover the system I was able to save the
day by re-starting the system and ignoring the first virus warning, allowing
the warning to time out and then clicking the AVG  desktop shortcut before
the remaining virus warnings clicked in.... and thankfully our trusted
friend AVG clicked in and we were finally able to get to a Dos prompt to do
a Root removal - time taken to get to this point - about four
hours!!!!!!!!!!!!

Do we believe in Firewalls - too damn right we do!!!!!!!!!!!!!!!!!!!!

Best wishes Guy and thanks again for all your work on this subject!!!!!!!!!

Barrie Haycock


----- Original Message -----
From: "Guy Edwards" <guy_j_edwards@hotpop.com>
To: "MAILING LIST" <gloucs@mailman.lug.org.uk>
Sent: Wednesday, January 01, 2003 4:34 PM
Subject: Re: [Gloucs] I-WORM/Opas.A


> (oh it's a _big_ post)
>
> On Tue, 2002-12-31 at 15:51, Mark wrote:
> > It does indeed, ofcourse those people who dont like "sell-out" companies
> > should look at IPcop (from the original supporters of smoothwall before
> > they..."went commercial")
>
> Just so people (who don't know) know it's maybe not quite as clear cut
> as that..... This should be the fullish story, I'll try and cover both
> sides....... (this is all just my opinion + references of course)
>
> I don't see any problem with making money from a GPL product, I don't
> mind the advertising in the free version of Smoothwall same as I don't
> mind the advertising in the free version of Opera. On the very front
> page of http://www.smoothwall.org/ is a great big advert for downloading
> the FREE version of their product. How many of you are using Linux
> distributions where the makers of the distribution make it difficult to
> find the free iso download? The smoothwall team do do some good things
> like promote Sourceforge
>
http://www.smoothwall.org/home/articles/dickmorrell/20020316.sourceforge.htm
l
> and they are trying to make a living which some open source vendors do
> have problems with (Mandrake and plenty more)
>
> The smoothwall authors version of things is basically that a GPL program
> they'd written was copied by someone else (which is fine but...) who
> then put a new skin on it and claimed it was all their own work with no
> acknowledgment of the original authors and flatly refused to acknowledge
> them when asked. It's documented by them at:-
> http://www.smoothwall.org/home/articles/dickmorrell/20020322.time.html
>
> As I understand it, the Ipcops version is that they forked the code
> because they feared peoples effort was being diverted onto commercial
> addons and people were getting quickly hacked off with the abuse they
> received when asking for help.
>
> IPcops website:-
> "IPCop is based on Smoothwall GPL, but that's where the comparison ends.
> Version 0.1.1 STABLE offers a later kernel, Ext3 file system support,
> the restrictions of only having one VPN tunnel at one time removed, and
> the USB DSL code restriction removed. While that version of IPCop may
> not be a huge departure from Smoothwall GPL, it shows that the
> development team did not just "rip and replace" Morrell's code. It was
> important to get a project up to support the user base of people who
> were tired of Morrell's abuse, so a product was released that did what
> those people needed to do, plus had some of the restrictions put into
> place to goad you into buying Smoothwall Corporate removed."
>
> Their full version of events is at the bottom of this email....
>
> My little take on it all:-
> Basically I don't think the Smoothwall authors really thought about how
> the GPL and commercial versions would work as a commercial venture and
> now they have lots of people wanting tech support who haven't bought a
> product off them. People are naturally asking them for help because
> they're the authors of the GPL product. The main product people want is
> Smoothwall and they're not buying the addons.
>
> The lack of "people" skills that members of the Smoothwall team are said
> to have will really annoy any people who are working with any important
> GPL product, and their actions will have been the major cause of the
> code fork.
>
> Finally, you're not selling out by using Smoothwall or IPcops. One is a
> free version of a commercial set of offerings, same as Redhat and all
> the others, albeit with a interface that has advertising on. IP cops is
> heavily based on Smoothwall. Initially at the code fork the
> distributions were near identical, but that was some time ago and it now
> has new features and is a product in it's self.
>
> If people hadn't originally supported Smoothwall there wouldn't have
> been the GPL code for IPcops. If you download and install either version
> you aren't selling out or supporting a sell out.
>
> Perhaps the main reason for choosing between the two would be
> 1. Immediate technical support if you are a large company and purchase
> the Smoothwall products geared towards such places.
>
> 2. The better features (eg ext3 support and certain restrictions
> removed) on IPcops
>
> That last one would clinch it for me, but it means connecting a CD-ROM
> drive to my firewall and currently I've lots of other things to be
> doing....
>
> Guy
>
> -------------------
> Here's the full IPcops response
>
> (I can't post a direct link because they're masking the url on the
> website for some obscure web design reason I can't think of. ) any way -
> heres IPcops response: http://ipcop.hopto.org/ some of the responses are
> quite good too. (do a search on their site for smoothwall to find it)
>
> It's a bit long.............
>
> "Richard Morrell [smoothwall author] waxes poetic in his latest article
> on the Smoothwall Community Website, focusing his attention on spreading
> blatant lies about the IPCop project. Richard makes some good points
> about possible problems that might arise in the Open Source community if
> someone were to grab a project's code, edit all of the authors names
> out, and then release the result as original code without mention of the
> people who actually wrote it.   Announcements & opinions      In typical
> style, Morrell is upset because the GPL allows the free distribution of
> code. Morrell's main focus is Smoothwall Corporate Server, and myriad of
> other plug-in modules that are options for this product. Having a
> product like Smoothwall GPL in addition to Smoothwall Corporate
> undercuts the bottom line - most average people only need the
> functionality of the GPL product and hence, won't buy the corporate
> version. Being as that it is GPL, people are free to modify the code as
> they see fit. Here's the rub - if you were to release a product that did
> 100% of what Smoothwall GPL does, plus add some features that are found
> only in the non-GPL version of Smoothwall, that makes Smoothwall a less
> attractive option for people to use."
>
> "There are several reasons why IPCop forked. First was that development
> effort of Smoothwall was leaning heavily towards the commercial product.
> There had been a lot of rumors that the GPL product would be shelved, or
> crippled even more than it has been. Secondly was the attitude the
> Morrell has taken towards users. Many people fled the Smoothwall project
> because they were tired of being abused, threatened, or demeaned by
> Richard, often when they were just asking support questions. The IPCop
> community understands that this is no way to run a project, and that
> public relations and how we are viewed in the open source community is
> important."
>
> "IPCop is based on Smoothwall GPL, but that's where the comparison ends.
> Version 0.1.1 STABLE offers a later kernel, Ext3 file system support,
> the restrictions of only having one VPN tunnel at one time removed, and
> the USB DSL code restriction removed. While that version of IPCop may
> not be a huge departure from Smoothwall GPL, it shows that the
> development team did not just "rip and replace" Morrell's code. It was
> important to get a project up to support the user base of people who
> were tired of Morrell's abuse, so a product was released that did what
> those people needed to do, plus had some of the restrictions put into
> place to goad you into buying Smoothwall Corporate removed."
>
> "Morrell is afraid. Afraid that he will lose his "niche" in the market
> to a product that lives up to all of the ideals that he claims
> Smoothwall GPL did. Richard is now bitter, resorting to name calling
> ("open source wankers" was a description he called the IPCop group),
> threats (legal action against me for posting in an IPCop mailing list
> that I wanted to switch out my two Smoothwall Corporate Servers for
> IPCops and sell the Smoothwall licenses), and general threats and
> intimidations. So incensed he is by the GPL that he is changing the way
> Smoothwall GPL is licensed, and changing the name to Smoothwall Lite."
>
> "Development is continuing for IPCop. Work is in progress for the 0.1.2
> release, which provides more bug fixes and updated versions of the
> underlying software in the firewall. The next major release, 0.2, will
> be a near total re-write of the code, including a lot of new features
> such as a switch to IPTables, ruleset manager, multiple external IP
> addresses, support for wireless, etc."
>
> "IPCop may be a fork from Smoothwall GPL, but it's a totally new breed
> of software. Instead of focusing on "going commercial," we're focusing
> on supporting the GPL community and working with our users to create a
> community based not on intimidation and threats, but on openness and
> collaboration."
>
> "Watch this space - IPCop hasn't started to cook yet!"
>
>
>
>
> _______________________________________________
> gloucs mailing list
> gloucs@mailman.lug.org.uk
> http://mailman.lug.org.uk/mailman/listinfo/gloucs
>