An easy firewall for Linux

Saturday, 4/29/00
PMFirewall. I recommended this firewall-builder for Linux a couple of weeks ago (from InfoWorld’s resident Linux guru, Nick Petreley, gives it his seal of approval this week here.

As for making it a standard part of distributions, I e-mailed Jacques Le Marois, president of Mandrakesoft, inquiring just about that possibility. (As an aside, wanna know one reason why I like Linux? Le Marois answers my mail! And sometimes he mails me! Meanwhile, I know neither Gates nor Ballmer give a rat’s behind about anything I think or say.) Le Marois had a team look into it, but informed me that it could be tough to integrate. I’m wondering if maybe it shouldn’t be integrated into the control panel, rather than as part of the setup process (it’s specialized, after all). Hmm. Maybe it’s time to mail him again…

[E-mail him I did. And I have no idea if my lobbying had anything to do with this or not, but Control Panel-based firewalling soon became a standard feature in Mandrake and other Linux distributions. –DF, 5/23/02]

Identifying the motherboard in a mystery system

Wednesday, 4/26/00
I had to identify the type of memory a system in a remote location uses today. This technique won’t always work as smoothly as it did for me, but it gives you a fighting chance.

Life’s much easier with name-brand systems: go to Crucial, tell it you’ve got a Compaq Presario 660, and it gives you the Crucial/Micron part number. This wasn’t that easy. The system was built by Budget Computers, a clone shop in St. Charles, Mo. So, here’s how I identified it. I had the owner shut down, unplug the keyboard, and power back up. Up pops the dumbest of error messages–“Keyboard not present, press F1 to continue.” The good thing is, the BIOS code is there in plain view. In this case, it was i430VX-W877-2A59GPA9C-00.

I headed to, clicked on Spot (their board search engine), punched in the letters PA, since that’s the manufacturer code for Award BIOSes (they tell you how to extract the code from AMI BIOS strings as well), and found out it was an EPoX board. Good deal. I punched the part number code into their search engine and got a fat goose egg. Hrumph. I headed to EPoX’s site at, and found a list of EPoX BIOS codes in their knowledgebase. Cool. It turns out that i430VX-W877-2A59GPA9C-00 is the code for the EPoX P55-TV. Crucial doesn’t have a parts listing for the P55-TV, but EPoX’s site has the manual online in PDF form. I viewed the manual, and whaddya know, it’s got four SIMM sockets and a DIMM socket, and it supports FPM, EDO, and SDRAM, up to 128 MB. I happen to know that the 430VX chipset doesn’t cache more than 64 MB, so the utility of putting 128 megs in it is questionable (unless you’re going to make a 64 MB RAM disk under Windows 9x). I don’t know if that’s mentioned in the manual or not. I was mostly interested in whether it had DIMM sockets capable of taking SDRAM, because SIMMs are priced like highway robbery these days in comparison.

Head back to Crucial, tell it I want pricing on an SDRAM DIMM, and immediately I know the pricing on 32, 64, and 128 MB modules. Total time invested: 15 minutes.

And I had a college professor try to tell me once that the Internet isn’t a legitimate research tool. Well, legit or not, it gave me all the information I needed in slightly more time than it would have taken for me to disassemble the system and look for myself, assuming I was close enough to the system to actually lay hands on it (I wasn’t).

Why Linus Torvalds is more popular than RMS

Quote of the day. This one made me laugh out loud–probably because I have a journalism degree, I’ve seen journalism professors show up for class sloshed, a good number of my friends are journalists, and, technically, I’m a journalist myself.
“I know how journalists work. They drink too much and they search for interesting stories.” –Linus Torvalds, in the Spring 1999 issue of Linux Magazine.

As for Torvalds, his mom, dad, grandfather, sister, and uncle are all journalists. Yikes!

Stallman on the warpath. My chance to be divisive, I guess. As a journalist, I mustn’t shy away from it. Hey, we’re supposed to look for these opportunities. So…

GNU/Linux is a horrible name. Stallman’s efforts should be commended, yes. I believe they have been. Stallman’s not exactly a household name yet, but certainly more people know who he is now than a year ago. If he wants GNU and his Free Software Foundation to be known, he needs to borrow more pages from Eric Raymond, or even better yet, Torvalds.

As an aside, I had a conversation with a friend and one of his friends the other night over coffee, and the whole Linux/Open Source/Free Software/whatever topic came up (probably because he introduced me as, “Dave, my friend who wrote a book about Windows and now he’s writing a book about Linux.”). I was trying to explain Stallman, and finally I just said, “He’s so libertarian he doesn’t believe in capitalism.” She stopped for a minute. “Libertarians don’t believe in capitalism?” Sure they do, usually fanatically so. But capitalism puts certain limits on your liberties, and if those liberties mean more to you than capitalism, you can start to disdain capitalism. It’s strange, but remember, in the 1930s the leaders of Germany, Italy, Japan, and Spain took conservatism to such an extreme that it led to a form of socialism. The boundaries blur at the edges.

End aside. Raymond and Torvalds are better known than Stallman partly because they’re nicer and more reasonable people. Want proof? OK. Here’s an interview with Stallman, here’s one with Torvalds, and here’s one with Raymond.

It’s pretty clear from reading these interviews why Torvalds is the most popular of these guys, and why he’s become a bit of a media darling. Yes, he looks more like the anti-Gates than RMS or Raymond, but there’s more to it than just that: He’s more charismatic, he’s less intellectual (though he’s obviously a brilliant guy, he’s much more apt to laugh or crack a joke than try to convince you he knows more than you do), and he’s considerably more humble. He’s a likable guy. More likeable than Stallman or Raymond, and more likable than Gates.

Harping the GNU/Linux thing isn’t going to accomplish much. People have a hard enough time figuring out what Linux is supposed to be. And where do we draw the line? Sure, Linux isn’t very useful without some set of utilities (and the GNU utilities are the most commonly used). But what about XFree86? That didn’t come from GNU. But if it weren’t for XFree86, very few people would be interested in either GNU or Linux. And what about KDE? Stallman hates KDE because it dares to use the Qt library, which wasn’t always GPL. But it’s largely thanks to KDE that we’re not stuck using the often-convoluted interfaces that shipped with early Linux distributions. Without KDE, there probably wouldn’t have been a GNOME in response. OK, so now we’re up to GNU/Linux/XFree86/KDE. Oh yeah. A lot of the daemons people use with Linux (minor details like Sendmail and BIND–just the building blocks of the Internet, nothing to get worked up about) came not from GNU but from the BSD project. GNU/BSD/Linux/XFree86/KDE, anyone?

This becomes a convoluted mess. Maybe “Linux” isn’t the best name (if we named all OSs after the kernel, Windows 9x would still be called DOS), but it’s the name people recognize. My goal in writing is to communicate as clearly as possible. That means using the popular name.

A makeover for Stallman. I’m already in trouble, so I might as well get in a lot of trouble. We find out early in that interview that Stallman lived in is office for 13 years or something. He had a bed in his office! What, did he sleep there, wake up, code for 16 hours a day, except for breaks for meals and a break for a shower whenever he felt like it? As Torvalds says, journalists look for interesting stories. Here’s an eccentric guy. Let’s find out more about his eccentricism. Find out about the eccentricism, you learn about the dedication. It sounds like this guy just might be more dedicated and fanatic about software than Martin Luther was about Jesus. How can that be?

In fact, Stallman may have logged 16-hour days at the keyboard. He alludes to it in the interview, when he says he suffered carpal tunnel syndrome from too much coding. But he didn’t talk about it.

Stallman has this ridiculous folk song he plays about how hackers need to follow him, and they’ll be free. He alludes to folk music in the interview, how one person can take a song someone took from someone else, and it becomes a rich thing. What if Stallman brought his acoustic guitar to this interview, said, “Like this!” and played his ridiculous song, then said, “Hmm. Maybe not.” A little self-depracating humor works sometimes. Especially when you have a reputation for being pompous and arrogant. Just ask Linus.

People have to have a compelling reason to listen to you. Giving them a bunch of free stuff is a good start, I’ll admit. Though he speaks about word processors in a demeaning manner, which may make some programmers born and bred on text editors stand up and cheer, but I’m not sure I like the tool of my trade looked down upon in that way. I’m sure my mom doesn’t. The tools we need are different from the tools rms needs, and he needs to recognize that.

So, the difference between my mom and me. I have to listen to Stallman, I have to at least feign interest in who he is and what he’s doing (and to be honest, I don’t have to try all that hard) because I’m being paid to write a book that’s almost as much about him and his work as it is about Torvalds and Gates. But why should my mom give a rip about this guy? And therein lies the problem. With years of retraining, my mom could get her job done with a Linux (or better yet, Hurd, so Stallman and GNU can get all the credit) box running GNU Emacs. Hey, it’s a text editor, it’s a Web browser, it’s a programming environment, it’s a dessert topping, it’s a floor wax! And at the end of this retraining, I could then look her in the eye and say, “You’re free.” And you know what she’d tell me? She’d give me a dirty look and tell me it wasn’t worth it.

Stallman’s attitude is, “I’ll sacrifice a little (or a lot of) convenience in order to be free.” Torvalds? He freely admits his mom uses a Mac, his dad uses Windows, and his sister uses Windows. Then he corrects himself. “No, she [his sister] uses Microsoft Works. Windows is nothing more than a program loader to her. She doesn’t care how these computers work.”

I think the contrasting attitudes have a lot to do with why Torvalds feels he has too much attention and Stallman not enough. People more readily identify with Torvalds.

What to do when defrag won’t finish

Optimizing a DX4/75. Talk about bottom fishing! But I do what I have to. This DX4/75 was driving me batty because it was taking a minute and a half to boot, and 30 seconds to load Word. Hard to believe this was once considered acceptable, even good, performance for Win95. But I couldn’t do much about it because with 16 MB RAM, Defrag kept getting interrupted. I fixed that. I opened win.ini, found the line that read shell=Explorer.exe, changed it to read shell=defrag.exe, rebooted, then defragged. Defrag was able to run without interruption, and significantly faster since it wasn’t competing for limited CPU cycles and physical memory.
When it finishes, the quickest way to get regular old Windows back is to hit Ctrl-Esc to bring up Task Manager, hit File–>New Task, type Explorer.exe, then edit win.ini and change the default shell back to Explorer.

But if you gotta get a system defragged absolutely as fast as possible, try the shell replacement trick. I’ve never seen this documented anywhere, and to tell you the truth, I thought of it in a moment of desperation. But it worked.

A freeware (GPL) boot manager

Want to boot multiple versions of Windows 9x, DOS, NT, Linux, and BeOS on the same machine? (Hey, there’s use for that 40-gig drive after all!) Potentially, you can use XOSL to do that. The screenshots look really slick–this could be a System Commander killer.
I’ll have to put a fresh drive in a machine and experiment with it this weekend. Use at your own risk–the version numbers suggest it’s stable, but I only point it out because it sounds interesting, not because I’ve tried it. (I usually try things out before posting links, but this seems too cool to keep to myself, and I’m short of time.)

Optimizing Windows startup

Mail. More Windows optimization questions.

From: ChiefZeke
Subject: Re: Items to consider
To: Dave Farquhar


Would things be a bit faster if the user opted to start programs via the ‘RUN’ function of the Registry rather than via the Startup folder? I have seen this option mentioned in a couple of magazine articles.


I imagine they would be slightly faster, since the file and path names, etc. would be stored in registry keys all in one place as opposed to individual icons, one per program, scattered all over the place.

You might also use run= strings in win.ini instead–I suspect that technique would be faster still, being a flat text file rather than a convoluted database.

Now, whether doing this would make any noticeable difference on a modern PC is another question. We may be talking shaving fractions of a second off your boot time. I imagine the difference would be more noticeable on marginal machines (though I’m not very eager to re-commission my 486SX/20 to try it). I just saw a 486DX4/75 laptop today that takes 1.5 minutes to boot Windows even without any items in any of the startup places and a fully optimized msdos.sys–a decked-out modern system similarly configured could boot in about 15 seconds. I can’t imagine your system needing much more than 20 seconds to go from POST to desktop (I’m not familiar with modern Western Digital drives like you have but I imagine their performance must be comparable to the Quantums and Maxtors I use).

This trick dates back to the Win3.1 days, and it was a really good idea way back then–the startup group actually consumed system resources, plus valuable entries in the Windows directory, so eliminating startup and placing items in win.ini could seriously improve a system’s performance back then. Today, Win9x has much better resource management, hard drives and CPUs are much faster, so you don’t hear about it as much anymore.

Very little else for today. I found my copy of the Lost Treasures of Infocom (both volumes) this week, including Bureaucracy, a text adventure I was never able to beat. I found a walk-through that got me past the part that had me stuck.

It’s a whole lot faster on my PC than it was on my Commodore 128 (which was the machine I originally bought it for, what, 11 years ago?). Amazing how much fun a 12K executable paired up with a 240K data file can provide… (And I’m running this on a dual-processor machine with 96 MB RAM and an 8.4-gig hard drive, both due to be upgraded? Something’s wrong here…)

Forcing Windows 9x to a certain refresh rate

Tuesday, 4/18/00
Manually setting the Win9x refresh rate. Write this down or bookmark it or print it or otherwise save it somehow. Occasionally a monitor will go goofy on you when Windows decides to use a weird refresh rate that the monitor won’t support. Sometimes Windows (especially Windows 95) just flat refuses to work with a really old VGA monitor because it insists on using something other than 60 Hz. Or maybe Win9x just isn’t using the highest rate your monitor supports. In NT, you can manually set the refresh rate. In 9x, you have to go spelunking. Boot in safe mode (which uses boring but safe 640×480, 60 Hz), set the resolution to something you know works, then open Regedit and navigate to HKLM\System\CurrentControlSet\Services\Class\Display.

Many installations will have multiple forks at Display, starting at 0000. The highest number is the active video card. Select it and navigate to Default\RefreshRate. It will probably be set either to -1 or 0. Change that value to 60 to get a safe 60 Hz rate.

To improve your display, change it to a rate your monitor supports–at your desired resolution. Remember, refresh rate comes at the expense of resolution. Some monitors advertise obscenely high rates, but those will generally only work at 640×480. Most monitors top out at 85 Hz (at best) at usable resolutions. Check your documentation that came with your monitor if you’re not certain.

Be careful–overdriving your monitor or your video card can seriously damage one or the other, and I can’t take any responsibility for that.

I used this trick to get Windows to work with a number of really early VGA monitors. For the software I was wanting to run, they were perfectly adequate.

The Uwe Sieber Utilities. German programmer Uwe Sieber has assembled a great collection of DOS and Windows 9x utilities. I know I’ve mentioned them before, but they warrant another mention. If you need mouse and CD-ROM drivers that occupy as little memory as possible, if you need to wipe a hard disk totally clean and your disk manufacturer doesn’t provide such a utility, or if you need to analyze Windows’ bootlogs, Uwe’s place is the place to go.

Forever a senior

My sister’s in town, and we were out shopping (she tells me what I need, and I go buy it–what was that I said about bachelorhood?) and she suddenly bolted. “Huh?” says I. “Johnson,” she pops her head around the corner again, then bolts.
Suddenly I hear a vaguely familiar voice behind me. “You!” I turn around, and one of my sister’s ex-boyfriends is standing there. He points where he expects to see my sister, “And You!” But she’s nowhere to be found. He shrugs.

“What are you doing here?” he asks.

“I live just up the street,” I say. He gives me a shocked look. My family moved out of St. Louis five years ago, and I was the only one to come back. Evidently no one told him. No biggie. We were always civil, but hey, we ran in different crowds and he was dating my sister and they didn’t part on the best terms.

We got to talking a bit. He finished high school, but none of his brothers did. Some of his friends did, some didn’t. They all got jobs that paid what looked like good money straight off–and still looks like good money, but good money at 22 is very different from good money at 35. We talked a bit about what we were each doing. In his case: “Stuff, here and there.” I was able to infer from other things he said later that he’s working mostly as a mechanic but not holding down any job for very long. He went to a junior college, ended up on academic probation, and got kicked out. (I’m pretty sure I could just show up for the finals for any given class at that particular junior college and stay off academic probation, but that’s just me.)

He asked about me. “Bachelor’s of journalism, 1997, working fixing computers, writing books at night.” He asked if I liked it. I was honest. Books yes, computers no. But once I have two books in print and selling I can ditch the day job. That impressed him–“At least you’ve got a plan to get what you want.”

My sister came out of it a bit shaken. He still looks exactly how he did at 18. But his looks are about all he’s got. Looks and a fast life, dating strippers and Hooters girls and going to strip clubs every other weekend, but it’s no different or better than senior year of high school–except the drinking and strip clubs are legal for him to do now. You know how they say, “forever a senior” when someone dies tragically a few weeks or months before graduation? He’s living that. A life forever looking back, because there’s not much worth looking forward to. And once the looks go…

I can’t say I’m jealous. I told my sister she shouldn’t be either.

Windows NT profile weirdness: A cure?

From: Malcolm James
Subject: NT switches between local and roaming profiles [comment on View 10]
I just saw your question “Anyone ever seen NT switch between local and roaming profiles?” in View 10.

This used to happen to me too, about once every two months on average, but sometimes twice in the same week.. Using NT4.0J SP4 on a peer-to-peer NT workstation domain with no NT servers, NT occasionally created a new profile when I logged on. The old profile got renamed to username.bak, just as your analyst reported. Renaming the old profile and reconnecting shares puts everything back to normal.

We couldn’t find a documented solution, but one suspect was the size of the profile — 320MB, including an Outlook Express mailstore in its default location within the profile. Eventually I relocated the mailstore to a different partition and the not-recognizing-the-profile problem seems to have gone away. We still have no proof that the size of the profile was the cause..

Another suspect was that at one stage we’d had NT setup with the local profile pathname explicitly named in the profile section of the user manager. We later deleted it when we realized the pathname was only needed for remote profiles, but it may have left the registry confused at some point.




Overclocking Pentium-75s

I had an overclocking conversation at work today. A coworker wanting to overclock a laptop. I told him I didn’t think that was a good idea. Then this was waiting for me at home:

From: Curtis Horn
Subject: Pentium-75

Hello, I’m one of your readers and I check your view for the tips you sometimes put up. I’m working on a compaq pentium 75 also and maybe you can do what I did. Overclock the chip to 90Mhz. the way I did this is by changing the bus speed to 60Mhz, from 50. this has speed it up significantly I think because the memory is also speed up. You’ll also get a laugh out of this, it’s a Compaq 972 and it has 8MB of memory — ON the Mother board!! I could not believe it. but it’s there. Luckily this leaves 4 simm slots open, so i can add 4 8MB SIMMs. (16MB SIMMs are way to expensive and I have some 8MB laying around and can buy some more for 10$ each) I convinced the person to buy a 5Gig quantum drive, so they have something they can use when they upgrade. Well hope the P75 you’re working on OCs as easily as the one I have here.


Compaq used to put a fair bit of memory on the motherboard itself. My Presario 660 (a 486/66) has 4 MB on the board. There are a couple of Compaqs from the 900 series still floating around at work that have 8 MB on the motherboard as well. But it’s not a common practice anymore, and I don’t recall any other manufacturer who did that regularly–I remember Compaq doing it because I used to sell Compaqs by the truckload and frequently I ended up adding upgrades to them.

Bus speed isn’t nearly as important in the Pentium Pro/II/III/Celeron and AMD Athlon arena, but in Socket 7 and earlier, you’re right, it makes a huge difference. Remember, the bus speed determines the speed at which the CPU can access the memory and the cache, and as the Mendocino Celeron illustrated, cache speed is more important than CPU speed or cache size. In the early days of Tom’s Hardware Guide, Tom Pabst revealed that a Pentium-150 running at 75 MHzx2 outran a Pentium-166, and a Pentium-166 running at 83MHzx2 outran a P200. So what was the point of buying a P200 if you weren’t going to overclock it, right? Ah, the good old days…. This, of course, was one reason Intel decided to start locking CPU multipliers.

The speed of the PCI bus was also tied to the bus speed. A good Pentium-100 could outrun a Pentium-120 because the Pentium-100 had a full 33 MHz PCI bus while the Pentium 120’s PCI bus ran at 30 MHz. The Pentium 75’s PCI bus ran at a pokey 25 MHz. Nobody wants to slow down their video and disk performance by 10 percent, let alone 25 percent.

Overclocking P75s is risky business though. Intel never intended to make a P75. The problem was, they had terrible yields initially on their P90s, but they found a good percentage of the bad chips would run reliably at 75, so they created the P75 and phased out the P60 and P66. (The P66 was actually a better performer because of the bus speed.) The P75 sold like crazy, and Intel wasn’t going to can a best-seller, so once they got over the yield problems, they still marketed P75s. I’ve heard of people going as high as 133 MHz with P75s. I experimented once with a P75 and took it as high as 120 MHz, but couldn’t get 133 (I suspect people getting to that level may have been increasing the voltage). It didn’t run reliably at 120 MHz for long, though I know of people who swear up and down they got 75’s running at that speed reliably with no special tricks.

Overclocking an old chip like that is fine, as long as you’re aware of the risks and willing to live with them. I’d definitely put a heavy-duty CPU fan on it (like a PC Power and Cooling fan for a high-end K6-2). In my case, I’m more interested in having a PC that’s as reliable as possible. Her life’s plenty complicated enough without having and overclocked P75 to deal with.

And we now have better ways to measure overclocking’s effects. Microsoft doesn’t have a dog in this fight but they see the weirdness.

But thanks for the idea, and for the stroll down memory lane, definitely.

David L. Farquhar, computer security professional, train hobbyist, and landlord