Letters

Use Linux and Save

I've been a Linux user and Linux Journal subscriber since the mid-1990s. I recently converted our home Internet machine to Linux after one too many virus attacks. Since the conversion, we've had zero problems with viruses and worms. Last week, my wife and I were in Funchal, Madeira, looking for an Internet café so we could e-mail our kids. The place we found had the attached ad in their window. Thought you'd get a chuckle out of it.

Advertiser Should Check Facts

The cartoon on page 27 [advertisement for Hentzenwerke Publishing—Ed.] bothered me because it is just so blatantly inaccurate. Opera, Firebird, WordPerfect and RealPlayer all are available for Windows, and some premiered on that platform. There are plenty of reasons why Linux is great without having to make up stuff!

—
Chris Schoenfeld

You're Supposed to Eat the Penguin?

We use this image for an evangelization campaign in Mexico (cofradia.org/modules.php?name=News&file=article&sid=7103). It is my son Luis Fernando eating a Tux toy.

Sewing Project

I have subscribed to your magazine for about a year and a half, and I love it. I have learned so much from it. I wanted to send you a picture of my son with a Tux shirt my wife embroidered for him. Linux is very popular here and all my kids are getting an early start. Thanks.

Quality Grammar

I wanted to drop you a line to express my appreciation for the extra effort you folks appear to be making relative to the use of proper grammar. The absence of split infinitives and the correct positioning of the word only right next to the word or phrase it is intended to modify (rather than as early as possible in the sentence, a horribly bad practice that often thoroughly confuses the author's meaning) are just two examples of the high standard you are following. Thank you—some of us out here really do notice the difference.

—
craig.p

More Air Traffic Success

Thanks for the article on Linux in Air Traffic Control in the January 2004 LJ. Tom Brusehaver is quite right—Linux is ready for use in ATC. I'm just back from a tour of EuroControl, Europe's only multinational ATC. Our guide opened up the back of a controller's console so we could see the equipment running the displays, and when I asked him what their upgrade path was going to be from the old Compaq Alpha boxes that currently run the displays, he said that a pilot is now underway and Linux on x86 is scheduled to be deployed next year.

So, in 2005 Tux will be running the displays of the controllers responsible for airspace through which 19% of all European flights pass. That penguin's come a long way.

—
Jim Hague
Oxford, UK

Bad Webmaster, Bad, Bad!

I currently use Mozilla on my Linux desktop. My bank recently informed me that it will be supporting only Internet Explorer. Without an effective counterattack against critical IE-only Web sites, the Linux Desktop and the Mac are doomed to extinction.

—
William Mitchell

Check “Online Banking with Konqueror” for compatibility reports from smarter banks (home.in.tum.de/~strutyns/banking.php). —Ed.

Photo of the Month: Hey, Nice Outfit

Here is a picture of our little girl with Tux wearing her penguin Halloween costume.

If we get you the material, will you make us one too? Photo of the Month gets you a one-year subscription. Photos to ljeditor@linuxjournal.com. —Ed.

The ESTABLISHED Rule

I enjoyed reading Mick Bauer's “Application Proxying with Zorp, Part I” in the March 2004 issue. In the “Firewall Refresher Course” section, Mr Bauer states that in a stateful packet filtering system “...firewall rules need address only the initiation of each allowed transaction.” He gives a comparative example between stateful and non-stateful systems in Tables 1 and 2. Although Mr Bauer was referring to stateful packet filtering systems in general, I'd like to point out that his explanation is not correct with respect to the Linux Netfilter package. My understanding of Netfilter, and the way I've been using it the last two years, is that a rule is required to permit packets that are part of an existing session to traverse the firewall (for example, -m state --state ESTABLISHED). This assumes that a default policy of DROP is used.

—
Terry Montgomery
President of Central Valley Area Linux Enthusiasts (cvale.org)

Mick Bauer's reply: I was generalizing. The point was to explain how stateful packet filtering differs from non-stateful filtering, not to explain how to configure Netfilter/iptables. Given the complexity of Zorp, the real topic of that article, I didn't want to spend more time than I had to on Netfilter basics. Anyhow, you're correct in pointing out that for the stateful magic to work in actual Netfilter/iptables practice, you need a single -m state --state ESTABLISHED rule at the start of each of your chains.

Internet Safety?

I am enjoying my second year as a subscriber to Linux Journal. PC Magazine had a really good issue this month concerning identity theft, spyware and viruses. This started me thinking. How does Linux combat these threats? Is it a concern within the Linux community? How does Linux stack up in this arena?

—
Robert Stewart

All of these problems are commonly spread through forged e-mail, and you can fight forged e-mail with SPF (page 50). If you don't run your own mail server, ask your ISP to use SPF to protect you. —Ed.

Erratum

Regarding “Manipulating OpenOffice.org Documents with Ruby”, LJ, March 2004—it's come to my attention that I incorrectly attributed REXML, the Ruby XML library, to Sean Chittenden. The actual author of that library is Sean Russell. —James Britt