Todd wrote a post today about Chris Anderson of Wired magazine using two Ethernet cables at his desk: one went to the Conde-Nast internal network, the other goes out to the wild internet, without the corporate firewall intervening.

I tried to leave this as a comment to Todd's blog, but comments seem to be hosed on multiple levels (starting with using style="visibility:hidden" in a <div> around the spam-test block, but since the comment URL 404's when I tried to force a post from the command line, I'm adding my comment here, and outing myself to the IBM Internet Coordinating Council as a flagrant violator of some security principle or another. Fire me.)

When we moved the ibm.com team to 55 Broad in 1996, we unexpectedly had to use Internet connectivity through an ISP in the building since IBM's own networking group failed to have any connectivity for us in place until nearly four months after we moved in. So, for much of that time we all got used to having great access to the Internet, and lousy access to IBM's internal network. Trust me, there wasn't much to access on IBM's internal network, but doing Lotus Notes' replication over dialup was incredibly painful.

Anyway, when Advantis/IBM Global Network got their act together and finally configured our networking, they included both a T1 to IBM's internal 9. network as well as a T1 (that sounded so cool then, our own T1!) to the wide world, unfiltered, unfettered.

Most of the time, that external T1 sat dormant.

But one day I got incredibly frustrated that the socks gateway, which wasn't even formally officially supported by the CIO until maybe late 1997 or 1998 even, was overloaded beyond belief and I couldn't get in to see what was going on with the site I was responsible for, www.ibm.com.

So I got to thinking: self, you have an Internet connection here. You're smart and not running windows, so why not just hook in?

Everything in the office ran on neutral cat-5 cabling. We were required to run Token Ring by IBM's real estate fiefdom for reasons which have been long erased from my memory. But all of our RS/6000s had Ethernet built in, and we had Ethernet adapters for many of our PCs.

So… it became a regular habit of mine to flip networks and surf/work/etc. using the unfiltered, unfirewalled, unprotected T1 I had access to. While it would have been trivial to sit on both networks simultaneously, it was actually a pain in the ass since OS/2 and then Windows (which I'd switch to in mid-1998) really hated having multiple routes and multiple adapters in use at the same time. You could do it, and I'm not denying that it's possible that mistakenly I did do it, but it wasn't a practical way to work.

Eventually socks gateways would become better supported and managed and provisioned (and I assume aren't even in use anymore, transparent NAT firewalls having supplanted them).

But I totally understand where Chris Anderson is coming from in having both ways of getting online (my personal preference was to have a red cable for the un–firewalled connection).

And to any members ICC "family" who'd like to complain: feel free to get me hired to get me fired over this offence (though technically, as the ICC site representative, I reviewed and approved the connectivity in question).

P.S.: will someone please fix Todd's blog setup? The comment form is hosed, the comment URL 404's and the trackback URL will do a redirect, which is wrong since trackbacks are supposed to be POSTed and as any newbie webmaster knows, POSTs are not redirected.