Archive for February, 2011

Why is Port 21 apparently open on my firewall?

Monday, February 28th, 2011

Scenario: You set up a server somewhere on the public Internet.  You lock down its ports to the minimal subset you need using firewall(s).  Yet, somehow and for some strange reason, nmap reports that port 21 (FTP) is open on your server!  Sure enough, you do a “telnet myhost.cxm 21” and it connects!  Shit-damn, what’s going on??

Don’t bang your head against your iptables or pf or PIX or ASA config.  First, check to make sure that the environment you’re checking from behaves right.  Do a “telnet 21” and see if it connects.

Some NAT setups in offices apparently try to do some stateful inspection of outbound active FTP in order to rewrite the addresses/ports involved, and these can intercept outbound requests on port 21, making it seem like any host is picking up on that port.

Try nmap’ing or telnet’ing from an outside host directly connected to the public internet.  And make sure that your subsequent security scans/checks come from such a host.

Capital As A Service: A Manifesto

Thursday, February 24th, 2011

We have been misled.  We, the entrepreneurs, early employees, and investors who power the world of technology startups, are told that “everything has changed.”  Everything is now “agile,” “lightweight,” and “flexible,” and it’s all going to be available to us “as a service.”  We create user-friendly experiences, using elegant free open source frameworks, running just as many EC2 instances in the “cloud” as we need at any given moment.  We coordinate the world’s information by mashing-up APIs from across the Web, and we coordinate our dev teams with daily Scrum standups and free collaboration tools.  A book can tell you how to have an “epiphany” and learn all this for yourself, and a thriving startup culture on the coasts, in the Rockies and Chicago, and elsewhere will support you.

But everything has not changed.  Just try raising capital.

Software is now a service.  Hardware, indeed, infrastructure is now a service.  Need an office?  Use a Web service to pick a short-term coworking space.  Outsourcing?  Sure — there’s a service to manage those service providers.  Hell, the boys at OnCompare now have a service to help you select the services.  Everything you need is discoverable, trialable, and available 24/7, online, with a few clicks and a credit card, right?

But the moment you start to feel the rhythm, decide you want to dance to the music, and try to roll up funding to grow one of these agile new businesses, the record screeches to a stop.  Needle scratch, and silence: a disco full of folks staring at you.  Are you crazy?  You want what on demand? Capital as a service?

Yes.  You want just enough of it, just when you want it, conveniently and as automated as possible.  You want to try it out in 10 minutes, understand it, trust it, and, if you like it, use its APIs to integrate with your business processes.  This is how you advertise for clicks, how you get a new logo designed, and how you provision servers.

So what is money’s major malfunction?  When you can get 100,000 virtual server instances started for you in a minute, why does it take days and weeks (or worse) to get $100,000 in working capital?

Something’s wrong with this picture.  And it’s about to be fixed.

Find a money-man and ask him about “efficient markets.”  He will give you a sparkling smile and tell you the MBA answer, that markets tend to squeeze out transaction costs, and costly middlemen, and price gaps.  Then ask him about the cost of doing transactions with him.  Or ask if he’s a costly middleman.  Or ask what “price” he pays his investors to use the money.  Is he still smiling the MBA smile?

We like having coffee with our investors.  But you shouldn’t have to savor a fine latte from Cherry Street or Coupa to get funding.  Sand Hill Road is a lot more fun to travel on a bicycle carrying a picnic, than in a rental car carrying a pitch deck.  And banks are more fun once they’re turned into bars.

Money, especially the “buy side,” loathes change.  From where Money sits, everything is fine: by definition, wherever the Money is, folks are feeling pretty flush.  And so the Money will resist change, it will cling to its prerogatives.  Bankers would still be on the golf course by 3 PM if ATMs hadn’t revolutionized their customers’ expectations.  For heaven’s sake, it’s the year 2011, and the New York Stock Exchange still closes at 4 PM.  The barbarians are at the gates: it’s about time for the “buy side” to get a little less comfortable.

About to go public on the Big Board?  Toying with a half-billion M&A offer?  Trying to pioneer commercial space travel?  Building nuclear submarines?  OK, you want old-school money from old-school money-men, with old-school suits and rich mahogany, Corinthian leather, and white-shoe lawyers.  But rolling up the cash to take your SaaS company from $2 M to $4 M next year?  It it worth 12 weeks of pitching and partner meetings and Purell between uncounted firm handshakes, with no guarantee of success?

We think not.  For a specter is hanging over the Internet: the specter of capitalism.  And we believe that capitalism should and will deliver its promise as a service.  We at RevenueLoan are not the only ones who see this; we may not even be the ones who ultimately realize it.  But make no mistake: capital for growing technology companies is going to be available on-demand, as a service, and players in this market who ignore this trend do so at their peril.