How I made money with Open Source

By John Connelly
JC Computer Services

I’ve tinkered with many open source products over the past couple years, but I’ve never installed any for a client. For a friend, I installed Mepis on his son’s desktop to stop the torrent of malware, and I’ve played with Ubuntu on my laptop and struggled with wireless driver work-arounds. Never made a dime on it until I was inspired by a frequent forum poster here at The Forcefield. Then, with my inner salesman awakened I scored BIG.

The Scenario: Important client has employees that work from home, some travel across the country. Their current solution is to RDP directly into their 2008 Server. They are forwarding port 3389 to the server, and logging in with very weak passwords. Given the nature of their work, HIPAA laws apply to them. Obviously this solution is a major security breach waiting to happen.

I suggested a VPN solution. I explained what it was, how it worked, and showed them various solutions provided by Sonicwall, Firebox, and Cisco. Given the number of VPN connections they needed, all of these solutions were rather pricey, and had subscription-based licensing fees. They would have agreed to one of them, they had to do something soon. Now that they had a ballpark dollar amount in mind, I told them I could build a VPN appliance for less that had no re-occurring fees. I chose OpenVPN, and here is how I did it.

First, I had to choose between the free community version and the paid version. The free one has the benefit of being….free. The paid version has GUI menus, simple installers, and more extensive tech support. Being new to OpenVPN, and with a big client at stake, I chose the paid version. So I shelled out $50.00 for 10 licenses, this gave me 12 licenses total (2 are free). Given the huge licensing fees that others charge every year, I had no qualms about the amount. The free community-based version can do everything the paid version can do, but I needed to implement this fast and needed some hand-holding.

Based on another recommendation of a forum poster, I chose a simple 1U server to run it on. They already have a rack, and it gave my product the shiny high-tech feel it needed to help justify the big markup. It would have run much the same on a beat-up old Dell I had, but I needed it to look cool.

My next choice was the OS to install it on. There are many Linux distributions supported, including Ubuntu, which I almost went with. In the end I chickened out and went with XP Pro. When I have more time to test and become more familiar with how OpenVPN and Unbuntu work together, I will have it ready for my next client. I downloaded a VMware Player and a VM of OpenVPN, and installed both. The setup was very straightforward. You have to choose between running it routed or bridged mode. I chose bridged. I gave my box an IP on the network, and port forwarded 443 to it. I also changed the default admin password.

Now I had to decide how to authenticate users. They are running AD on the server, OpenVPN supports connections to AD via LDAP. Installing LDAP on the server was simple, I had it replicate the AD directory. In OpenVPN, I entered my admin username and password on the server, and its computer and domain name. It connected, and found my users. I could have chosen to input usernames and password into OpenVPN, or setup a RADIUS server.

Setup on the client was the easiest part. Open a browser, go  to https:\\ OpenVPN will present you with a login screen. Enter your user’s AD username and password, and you will see a customized link to download the client software. The link is generated dynamically when you first log in. For my Windows clients, I used the Windows installer. I had one Mac client, the OpenVPN site recommended I use Tunnelblick (a free VPN client). I could not get it to DHCP properly. A bit of research brought me to Viscosity. For $9.00, I bought one license and it had it working in 5 min. It recognized the client.ovpn file that OpenVPN generates, and imported without any issues.

Finally, I had my users select new passwords that did NOT have word “password” in them. Because OpenVPN was connected to AD via LDAP, it picked up the new passwords too. RDP now uses the internal IP of the server, and I stopped forwarding port 3339 on the router. Done.

The technical part of this job was fun. Setting up an open-source VPN was a great learning experience for me, and gives me a great new product. Salesmanship played a big part in this though, and it does not come naturally for me. In the end, it was an easy sell. I charged the same price for the box as the other commercial guys do, but made my main selling point the licensing fees. Others charge per year, I charge a one-time fee. Perhaps for new clients I will offer a smaller yearly maintenance fee. Still learning.


About the author:

John Connelly owns and operates a home based computer business serving homes, non-profits, and small to mid-sized businesses with their IT needs including repair, networking, planning, and more.  JC Computer Services has been in operation for 9 years, six in Plymouth, Ma.  His primary interest is in problem solving which keeps him getting up in the morning despite that his boss is a workaholic.

Business Legal Guide Books from Nolo

 This is a collection of 36 titles from Nolo covering legal topics from buying and starting a business to managing and selling one. For details and to purchase a title, simply click on the icon for your book.





Beating the IT Budget Crunch

How Savvy CIOs are Cutting Costs and Using IT Compliance Automation to Make Impressive Gains

Agiliance NewsWatch Series


SAN JOSE, Calif. (Business Wire EON/PRWEB ) October 15, 2008 — Typically fall is synonymous with football, pumpkins and leaves crunching on sidewalks and driveways. This October it seems the crunching is coming from IT budgets in the fists of watchful CEOs. Still, theres always a silver lining for smart companies determined to progress in the face of tough economic conditions. Despite being squeezed by increased security threats, compliance pressures and shrinking budgets, savvy CIOs are using the power of automated IT compliance software to help their businesses thrive.

CIOs are watching costs closely as our economy falters at the same time expectations for IT performance are rising

The key is to be bold, but not reckless. In spite of budget constraints – today's high-performing CIO is adept at balancing the competing demands of driving business innovation while coping with economic disruption.

A successful IT risk and compliance program not only reduces IT spending, but can help bridge the gap between senior management's business goals and IT operations by helping to ensure that consistent and accurate information flows across the organization

Automated IT risk and compliance solutions can provide decision makers with the current and accurate intelligence they need to better understand how IT risk affects their entire organization.

CIOs are watching costs closely as our economy falters at the same time expectations for IT performance are rising, says Sara Gates, VP of Strategy, Agiliance, a provider of IT risk and compliance software solutions for Fortune 1000 companies. The key is to be bold, but not reckless. In spite of budget constraints todays high-performing CIO is adept at balancing the competing demands of driving business innovation while coping with economic disruption.

As companies enter a new era of corporate governance, risk management, and compliance (GRC) demands, winning companies are using technology to automate compliance initiatives and get more efficient. In fact, the rising tide of IT security threats and compliance demands, coupled with a struggling economy, is driving the adoption of automated and innovative, intelligence-based solutions for todays risk and compliance challenges. Recent industry reports confirm that highly automated IT risk and compliance solutions are helping companies cut compliance costs by up to 70%.

Beyond Compliance: Making IT Your Competitive Advantage

The fact is IT can be a competitive advantage. The key is that successful businesses must optimize IT by making strategic cost cutting decisions, build IT by investing in projects that give the company a competitive edge and empower IT by strengthening communications between IT and business executives. Recent speculation by leading analysts suggests that senior managements lack of understanding about their risk posture may have been a contributing factor to the crash of many heavy hitting financial institutions. More than ever, companies that want to avoid negative headlines must find ways to erase the lines of division between IT and business that may be preventing visibility into a companys greatest risks or strengths.

A successful IT risk and compliance program not only reduces IT spending, but can help bridge the gap between senior management's business goals and IT operations by helping to ensure that consistent and accurate information flows across the organization, said Kenneth Tyminski, former CISO of Prudential and member, Agiliance Board of Advisors. Automated IT risk and compliance solutions can provide decision makers with the current and accurate intelligence they need to better understand how IT risk affects their entire organization.

Cost Cutting Tips for Beating the IT Budget Crunch

The bottomline is that IT success requires the right balance of belt tightening paired with strategic investments to fuel innovation and growth. Successful CIOs are leveraging IT as an asset in spite of external pressures to control risks while regulators are becoming even more aggressive.

Read more about IT compliance automation and other IT cost cutting tips:

Agiliance IT Risk and Compliance Software

Agiliance offers highly-automated IT risk and compliance management software products designed to help organizations thrive in the face of mounting pressures to manage and balance risk, compliance and IT budgets. By leveraging the power of Agiliance software, businesses can make impressive gains in their IT risk and compliance efforts including reduced audit burden, increased visibility into current compliance and risk status, and improved leverage of IT resources.

To speak to an Agiliance expert about a topic covered in the Agiliance NewsWatch series, please contact Lorraine Kauffman-Hall at 704-882-0443 or To learn more about Agiliance, please visit

SMB Best Practices Guide to Making a Network Connection

Request Your Free White Paper:

"SMB Best Practices Guide to Making a Network Connection"

Read about solutions that will meet your network needs today and tomorrow, at a price you can afford.

Building a scalable and efficient network infrastructure is more than just the equipment installed; it involves the type of network, size of the pipe, and Internet connection your business needs. With so many options, it's easy to get lost and not know where to begin.

Learn more about the technologies and network solutions designed specifically for your small or medium business. This free white paper presents you with the best practices on everything from infrastructure implementation to network management.

Geographic Eligibility: USA

Publisher: ADTRAN, Inc

Request Now  

To Buy or To Lease Equipment – That is the Question for Small Business Owners

According the Small Business Administration, more than 600,000 small businesses are started each year in the United States. And David Birch, former head of a research firm specializing in small business data, found that 85 percent of businesses fail in their first year. While those new businesses range from home-based, online and traditional brick and mortar establishments, most of these businesses have one thing in common – they need equipment to be able to operate successfully and avoid becoming one of Birch's statistics. But because there are costs, often large ones, associated with starting a new business, many business owners are faced with the question of whether to buy or lease equipment. Commercial leasing expert and founder of Lease with Crystal, Crystal Riley reveals the four questions every business owner should ask before buying or leasing equipment.

Los Angeles, CA (PRWEB) April 29, 2008 — Small business owners need equipment to be able to operate successfully and avoid becoming one of the 85 percent of businesses that fail within the first year of operation. But because there are costs, often large ones, associated with starting a new business, many business owners are faced with the question of whether to buy or lease equipment. Crystal Riley, president of Lease with Crystal, a company dedicated to providing customized commercial leasing programs, believes that the decision to buy or lease equipment should be considered seriously.

"There are several key considerations business owners need to factor in when deciding how to procure new equipment for their businesses," says Riley. "These considerations go far beyond which one is cheaper in the short term. Rather, tax breaks, resale value, and the net cost of the asset all need to be considered carefully."

How Much Will Be Needed for Upfront Costs?
According to Riley, one of the major benefits to leasing equipment is that the upfront costs are far less than if the equipment was purchased. There are very few instances where a lease requires a down payment, thus allowing a business owner to purchased needed equipment without significantly affecting cash flow. "Leasing can be especially helpful for business owners who have less-than-stellar credit or those who need to negotiate lower payments over a longer period of time," says Riley. In addition, when business owners are leasing equipment under $100,000 they rarely have to provide financial statements, tax returns and business plans.

Some business owners who chose to buy their equipment have the money to purchase the equipment outright, but more realistically, a business owner looking to purchase equipment will have to finance a portion of the purchase. While financing the equipment will lead to ultimate ownership, most banks require a 20 percent down payment, which affects cash flow and may tie up lines of credit. "Some lenders may also place restrictions on your future financial operations to ensure that the loan is repaid," says Riley. "This alone can make things difficult for some small business owners who may need to access more loans to keep his or her business afloat."

How Will Buying or Leasing Equipment Affect Taxes?
Both leasing and owning property provide tax advantages to small business owners. Generally speaking, lease payments can be deducted as a business expense on a tax return. As such, the net cost of the lease is reduced, providing an overall savings. Many business owners find that after factoring in these deductions, they often save money by purchasing leased equipment. Conversely, Section 179 of the Internal Revenue Code allows for the deduction of some newly purchased assets in the first year. "In Tax Year 2007, equipment costs up to $112,000 could be deducted," says Riley. "Some equipment is not eligible under Section 179, but tax savings can be realized on almost any piece of business equipment through the business depreciation deduction."

What Will the Equipment Be Worth?
"One of the major disadvantages of leasing equipment is that because you are not purchasing it, it cannot be considered an asset and cannot be sold," says Riley. "Conversely, after you purchase equipment, it's yours. This is especially advantageous when dealing with a piece of equipment that has a long, useful – and I emphasize useful – life and is not in danger of becoming technologically obsolete in a short period of time." According to Riley, leasing is a way to address equipment that may become obsolete in a short period of time is to lease it. A lease passes the burden of obsolescence onto the lessor rather than the purchaser. "When leased equipment becomes outdated, you can give it back to the owner at the expiration of the lease and get new, current, higher end equipment," says Riley.

Riley warns that another major consideration is how much a piece of equipment will depreciate. "A computer system depreciates far faster than office furniture," says Riley. "So, you have to pay special attention to the equipment and make sure that what you spend for it today will not be markedly different than what you can sell it for tomorrow. Certainly, some depreciation will occur simply through normal aging and wear and tear, but it's always something to consider."

How Long Will the Equipment Be Used?
Before leasing equipment, Riley warns that you need to be sure you are really going to use the equipment. "A lease is a contract that lasts over a defined period of time," explains Riley. "As such, if you lease a piece of equipment for three years, and find that after two years, you are no longer using it, you still have to pay that last year of the lease. That is not to say that some leases don't give you the option to cancel the lease, because some do. But they will levy a huge termination fee."

Crystal Riley has in-depth management experience and comprehensive understanding of the business world. Offering a unique skill set that is necessary to effectively put deals together, having served as the special director for music mogul Jimmy Iovine for several years, Crystal rose through the ranks at Interscope Geffen A & M to become a master of campaign development and overall project management. As an executive in the music industry, she committed herself twenty-four hours a day to ensure successful strategic partnerships with Apple, Napster, Yahoo, Starbucks, Microsoft and Facebook. Leaving the industry, Crystal followed in the footsteps of her family, which includes generations upon generations of successful entrepreneurs. Lease With Crystal opened its doors in 2008, with the backing of Lease One – an original inventor in the Equipment Leasing world, with 20 years of experience. Crystal lives in Los Angeles with her family. More information about Lease with Crystal can be found by visiting

When Does Open Source Make Sense?

    Two weeks ago, my quiet Sunday afternoon was interrupted by a knock on the back door; my neighbor from across the street needed some computer help. While I normally shy away from helping friends and family with computer issues due to the “ownership of all future problems” factor, I decided to take a quick look.  (I should note that my neighbor owns a heating and cooling company, so he's a good guy to have owe me a favor in return).

    It seems that he had purchased a brand new PC a week ago and decided that he did not want Windows Vista anymore, so he had his cousin (who is a technician at a local computer repair shop) load a pirated copy of XP Pro. The problem they were having was that the PC would not boot to the XP CD. After spending several hours working on this, his cousin gave up. My neighbor's wife suggested he ask me for some help.

    A quick “CD E:” followed by “DIR” revealed a blank CD. Duh! (I should have gotten the name of the PC shop where his cousin works.) “So, what do we do now?” he asks. Well, I am certainly not going to provide a copy of XP for him to use with his pirated key, and while he does have a valid XP Home upgrade key, I am not going to load his pirated copy of 98 just so he can upgrade. This left one choice: Linux.

    We booted up to a live Mepis CD and verified that his digital cameras, printer, and all peripherals worked properly. Within 10 minutes of clicking the “install to hard drive” icon on the Mepis desktop, we were booted into the freshly installed Linux OS. Both my neighbor and his “computer tech” cousin were impressed by the ease of installation, amount of available software, and how easy it was to figure out how to move around in the OS. Two weeks have gone by now and the only time my neighbor has contacted me regarding the computer was to drop off a case of beer in appreciation and tell me how much he likes his new operating system.
    A small business finally outgrows the residential grade router they were using as a firewall and is looking for an upgrade to something more robust. They receive several quotes for Sonicwall, Pix, Fortigate, etc., but all of these quotes exceed the available budget.  A good time for open source? You betcha! An IPCop firewall would provide excellent perimeter protection, a VPN solution, and web content filtering all in one box. “How can I sell IPCop, it's open source?” you may ask. Well, the answer to that particular question is that you don't sell IPCop, you sell a firewall and support for that firewall.

   The above situations are what I consider to be good examples of the “right” time for open source. My neighbor needed a new PC, purchased one with Vista preloaded and decided he did not care for the new operating system at all. In addition, there were compatibility issues with his printer and the older of his two digital cameras. Linux offered him a “new” operating system without the learning curve he was experiencing with Vista, worked with all of his peripherals, and was free. The small office needed to upgrade their firewall without spending a large amount of money on hardware and licensing. The IPCop provides a very nice solution with an easy to use web interface that the “IT Person” (read: office manager) can use effectively.

    There are other times when a switch to open source makes sense: a client that needs a mail server but can't justify the expense of Exchange can use ZimbraEbox is a great replacement for SBS.  Nagios is a nice option to What's Up Gold or HP Openview. Need an enterprise class router but can't justify Cisco gear? Take a look at Vyatta .

    Do you have users that need nothing more than email, a word processor, and a web browser? Switch them to Linux. Thunderbird, Open Office, and Firefox look and work the same on Linux as they do in Windows. As an added bonus that user's PC is not going to be susceptible to viruses, spyware, and other malware that will eventually affect performance and even become a risk to their personal information.

    The list of open source alternatives to commercial products is growing everyday. A majority of these alternative applications do not require any special knowledge of Linux at all; they are easy to install, utilize web based administration, and have excellent support through the community. Take the time and familiarize yourself with some of the open source applications that are available. Download a few and play around with them. Install Linux on a spare computer and get familiar with it. Thinking “outside of the box” and having something to offer to your customers that all the “other guys” don't is what will set you apart from the competiton.

    As always, if you have any questions, comments, problems, or want to list me as the beneficiary of your life insurance policy, please feel free to contact me at .

Copyright 2008 Todd Hughes.

Free Trade Magazines

Complimentary Information Technology Magazine Subscriptions has joined forces with to offer you a new, exciting, and entirely free professional resource. Visit today to browse our selection of complimentary Information Technology magazine subscriptions. No credit cards, coupons, or promo codes required. Try it today!

Free White Papers

Complimentary Information Technology Downloads has joined forces with to offer you a new, exciting, and entirely free professional resource. Visit today to browse our selection of complimentary Information Technology white papers, webinars, podcasts, and more. No credit cards, coupons, or promo codes required. Try it today!


Availability and the Cloud

Securing the Cloud

Breaking the Bottleneck

Six Mistakes Companies Are Making Today And How You Can Avoid Them

Responding Quickly to Changing Markets: Anticipate, Adapt, Excel

Business VoIP Comparison Guide

Why Small Businesses Should Look Beyond Big Brands When Choosing Antivirus

Phone Systems for Small, Medium & Enterprise Business: Which to Buy?

Get the facts: Pros & Cons of a Hosted PBX Phone System

Apple Aims for Deeper Enterprise Penetration with iPhone 4 and iOS 4

Advanced Bash-Scripting Guide

Top 10 Concerns of Buying a VoIP Business Phone System

Digital Copiers: Find The Best And Most Efficient System For Your Business

Building a Smarter IT Infrastructure for Local Government

Managing the Server Migration Process

Linux from Scratch

A Computer Geek’s Smart Productivity Guide

The Easy Guide To Computer Networks

A Newbie’s Getting Started Guide to Linux

Securing & Optimizing Linux: The Hacking Solution (v.3.0)

Climate Change: Challenges and Opportunities for Business

6 Essential Criteria when Choosing an Antispam Solution

Increasing Performance in Enterprise Anti-Malware Software

The JavaScript Anthology: 101 Essential Tips, Tricks & Hacks – Free 158 Page Preview

The GNU/Linux Advanced Administration

Introduction to Free Software

Scrappy Information Security

Selling Open Source

There are many open source alternatives to the proprietary/licensed versions of common commercial software applications. For those of us who serve the small business customer, these alternatives can provide a means to increase our income and drive sales by providing solutions for our customers that they might not otherwise be able to afford.    
     A good example of this is a small company with about 15 users that wants the benefits of a groupware server (mail, shared calendering and documents, etc.) but cannot realistically afford Microsoft's SBS or Exchange. Enter Zimbra, an open source collaboration suite. Zimbra offers everything that Exchange does in an easy to install and manage package: mail server (POP & IMAP), shared calendering, shared documents, and a host of other goodies. Users access their mail and other features via a web browser (ala OWA) making remote access available to the users even when they are at home or on the road.    

    Take a look at the screen shot below, does it look familiar? No, that's not OWA, it's Zimbra! Setup and administration is done via the web interface but there are also several command line tools available to perform various functions such as importing mail from an existing mail server, batch creation of user accounts, etc. User authentication can be done locally or Zimbra can be tied into an existing Active Directory environment for authentication.  As a service provider, you can enable inbound port 22 and port 7071 traffic through the customer's firewall (from your IP address at the shop only!) and have secure remote access to configuration files and the administrative interface to help your customers with any problems that they may have.



Zimbra is installed on top of a basic Linux operating system. I built mine on top of Ubuntu server.  Download the iso image   for Ubuntu Server 6.06.1 LTS and install the operating system. You can accept defaults during the install with the exception of the IP address; if it grabs a DHCP address just use the “back” button and manually assign the proper information. Next, install the Zimbra suite. A good how-to can be found here .

    Setup of Zimbra (including a quick start guide) can be found in the documentation at the Zimbra web site .   

    So, procure a decent server (nothing fancy, P4 2+Ghz, 512Mb RAM, 150-200 GB HD), install Ubuntu/Zimbra, and offer it to your clients as an “open source Exchange” server. Mark up the hardware to include a nice profit and cover your time building the server, charge them a few bucks for installation, offer support at maybe $500.00/yr, and start making some money on open source!

    Keep in mind that Zimbra is just the tip of the iceberg. There's Ebox (an SBS like clone), Snort/BASE (IDS), IPCop (Sonicwall like firewall), MySQL/MyPHP Admin (database and frontend), Ntop (network and bandwidth utilization),  Apache (web server), Nagios (networking monitoring and alerting), PacketFence (NAC), Zenoss (an HP OpenView/What'sUp Gold like clone), Squid/SquidGuard (a Websense/SurfControl like clone), many different versions of the Linux desktop, etc, etc. Start getting familiar with Linux and open source and you will find that you have something to offer your customers that the “other guys” don't.

    As always, if you have any questions, comments, problems, or want to name your first born after me, please feel free to contact me at

Copyright 2007 Todd Hughes