Re: What to do to protet our send from the attacks which is caused by worms?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi, you can use dansguardian with antivirus plugin for http, and amavis new for smtp, and frox for ftp, use clamd as free antivirus scanner
so you have a complete antivirus solution,
alternative for http use apache in proxy mode with mod_vir ( dont know exactly how the name was ) coupled wtih squid and squidguard.
Do a conservative firewall for the the rest of the ports with iptables.
You can use some comercial linux distros like astaro or gibraltar with all packed in , or ipcop with serveral plugins.
After all you need a daily update of win machines and comercial antivir on it like antivir , and a susserver in your lokal network for security updates, check your users not to act as lokal or domain admins
and advice them not to use outlook (express) or internet explorer,
install thunderbird and firefox and set them as default in windows,
install spybot on all machines.
Snort on the firewall will help you find out what attacks are going on
So you have a working pack which gives you relativ sercurity as long
your staying up to date , with all signatures of viri.
Set acls on your switches and check only mac adresses you know on them.
dont use buggy win xp firewall, check out ie. kerio firewall for windows.
Security is a concept ,not one software or os
Regards

Red Hat schrieb: 
Hi,

What to do to protet our send from the attacks which is caused by worms in
Microsoft XP OS of our users? Our user may have worms in their system & it
causes that our send go up & up that our send is going upper than which we
have to use. for example if we can send 64Kb/s their worm cause our send go
upper than this. These worms would cause our network work too bad. I mean
the other user which doesn't have worm, can't work properly.
Hope you understand our problem. Now I want to use a software or command in
my Linux server which contain squid to protect our send not to go up because
of the worm of our users.
I think we can protect it by iptables but I don't know how should I do this?
So wanted to intall smoothwall to help me. Now I understand that it can't
help me.
what's you opinion & how should I do that?

Thanks in advance.

Best Regards,
Mehdi

_________________________________________________________________
Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail



[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux