Never Blindly Copy Code

I have been developing my own iptables firewall scripts for my Linux machines. On the whole the process has been going quite well. Part of my research into the firewall rules involved buying a few reference books, one of which contained what claimed to be a very secure script. I copied the base rules over to use as a base to add my own rules to and things have progressed very well.

Today I was going through the code trying to open some ports for another service when I noticed an anomoly; one of the rules I had copied was badly wrong. I went back to the book to compare what was listed; I was expecting to have made a typo. I found the book listed the flawed code in its main script but earlier in book it was used in its intended context. Had I not gained a sufficient understanding of the iptables rules and how they fit together I would not have noticed this error. It is worrying to think it has been exposing my machines to uncessesary danger. A few quick ammendments and all my machines are once again secure. The added bonus of the correction was that it removed some of the extra packets being logged and dropped by the firewall.

I will be very careful of what I copy from reference books from now on. I will also be paying much more attention to my firewall scripts in general to ensure I keep the rules sensible and secure.

Goals for 2008

Happy New Year to all of you out there in internet land; I hope the festivities didn't take their toll.

Instead of resolutions for 2007 I set a few simple goals its time for a look at how I got on.

  1. Contribute more to Open Source Software - It might be writing documentation or code, perhaps just helping other users. It’s about time I gave back to the community.
  2. Upgrade my PC - A new TFT & GFX card are on the main list, possibly new case fans and another hard disk as the budget allows.
  3. Finish reading the book I started over a year ago - Once I get through it I can start on something else.

The first goal can only be considered a partial success, I didn't contribute to the Open Source community as much as I could have done. This is partly down the the amount of travelling I do but is not a good enough excuse not to do more in 2008. On the positive side my contributions included a few forums posts and my Laptop installation guide. It was only the other day I received a comment on my guide from a person who found it useful. It was nice to have the feeling of helping somebody and it will encourage me to post more (and better) guides in the future.

The second goal was to upgrade my PC with a new TFT and GFX, well I am glad to say I managed that one. I was thinking of a further upgrade in 2008 but the system is still performing well. I threw some new games on it and they run fantastically. The next planned big hardware upgrade will not be until the end of 2008 beginning of 2009.

The third goal was to finish reading a book that kept taunting me with its unfinished status. Well good news, I finished reading it and can now file it away on a remote shelf some place to collect dust.

So I mostly met my goals for 2007 but now its time to set the goals for 2008.

  1. Contribute more to Open Source Software - The same as last year but as I need to do more its the first on my list.
  2. Backup Data - An important thing to do so I need to do a full backup and keep it up to date.
  3. Reduce Carbon Footprint - I have already done a bit to reduce my power consumption, lets see if I can do more.
  4. Try and avoid parking fines and other motoring offences - 2007 was expensive.

Let's see how I get on. Number 4 could be an interesting one to review and will probably summarise how well my year has gone.