Our best defense in blocking virus and exploits on windows and Redhat boxes has been. 1.) Block attachments Block attachments, I use mime-defang, as a procmail plugin to sendmail. I don't agree with using html mail instead of plain text messages. Plain text is more secure then html mail, html can have javascript and iframe exploits in it. 2.) Keep systems up to date. Windows SUSE update service as a domain policy. All systems auto update each night. On windows I run an antivirus on each desktop, and do a central scan of all computers every day, or however long it takes to scan 600 pc's. Redhat all systems use up2date to update very night, and load their rpms off a central nfs server, to speed up the download. Add an entry to run up2date in /etc/cron.daily up2date -u -k /mnt/rpm/$RHVERSION --tmpdir /mnt/rpm/$RHVERION 3.) Turn off unneeded services. I use /etc/hosts.allow to block all services from outside our subnet on desktops. On Redhat 8.0 I enable medium firewall using lokkit. On windows I auto-close fileshares with promiscuous share permissions. 4.) Consolidate servers. We try to run the minimal number of web server/email/ etc services that are exposed to the internet. > --Luke > --Computer Science Sysadmin, MSU Bozeman > --admin(AT)cs.montana.edu 994-3931 > ). Also, sending and receiving HTML mail as opposed to > plain text ( I also picked this one for obvious > reasons ). This can also drastically reduce problems. > Sometimes it's the little things that matter. > Sometimes we don't have control over things. Using > portscan detection, libwrap options, virus stripping > programs, attack fingerprint detection software and > everything you can think of... that's protection. Not > enough, but it's a start. To really securify and > protect, you need protection in layers... multiple > layers. Reading is the prevention you need. > > > ===== > Kevin C. McConnell --RHCE-- <Red Hat Certified Engineer> > > __________________________________________________ > Do you Yahoo!? > HotJobs - Search new jobs daily now > http://hotjobs.yahoo.com/ > > > > -- > Psyche-list mailing list > Psyche-list@redhat.com > https://listman.redhat.com/mailman/listinfo/psyche-list -- Psyche-list mailing list Psyche-list@redhat.com https://listman.redhat.com/mailman/listinfo/psyche-list
