Hello aal, Pls i want to know how i can make my Linux firewall can block viruses from entering my network. Thank --Fowe __________________________________ Do you Yahoo!? Yahoo! Search - Find what youre looking for faster http://search.yahoo.com _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
What "viruses" are you trying to block? With network filtering, you should only be allowing in services that you really use, like inbound www and mail. If you are letting in all traffic from the internet or you don''t know what I''m talking about, see www.netfilter.org documentation on how to build a real firewall. If you are talking about application layer viruses like through email: Kazaa, etc worms cannot be blocked since nobody''s written filters for them. Email can be blocked by running a virus scanner on your email server. Search for antivirus products that support your mail server. ClamAV is my personal choice for Sendmail servers. Beyond that, you need to be more specific about your problem before anyone can help. Yemi Fowe wrote:> Hello aal, > Pls i want to know how i can make my Linux firewall > can block viruses from entering my network. > Thank > --Fowe > > __________________________________ > Do you Yahoo!? > Yahoo! Search - Find what you''re looking for faster > http://search.yahoo.com > _______________________________________________ LARTC mailing list / > LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc > HOWTO: http://lartc.org/_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Yemi Fowe wrote: | Hello aal, | Pls i want to know how i can make my Linux firewall | can block viruses from entering my network. | Thank I don''t know how much you can use LARTC for this particular end, but you can setup a deny-by-default firewall that will help already infected machines from getting out to the rest of the world. You might look at securing your apps on a more specific level, such as scanning/filtering your e-mail and web downloads. This is accomplished with mail/spam scanning software that has an antivirus engine integrated with the mail server to detect spam and virii, along with web proxy caching software that also has an antivirus engine integrated to scan all incoming content. You might also add an Intrusion Detection System to your firewall. Note, the more you add, the better machine you will need to have (processor and RAM, especially). The company I work for has worked on integrating antivirus support into DansGuardian in order to allow for scanning all incoming web content for virii. We also use MailScanner/SpamAssassin. You can check them out at http://www.pcxperience.org. - -- Jason A. Pattie pattieja@xperienceinc.com Xperience, Inc. (http://www.xperienceinc.com) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFASP+wuYsUrHkpYtARAjEAAJ9CTZA7ppzKks4fpNZveYLhWKFfkgCfWH7q Xpz10yorLJJY5Wa5m8S+P9Q=qZkG -----END PGP SIGNATURE----- -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Daniel Chemko wrote: | If you are talking about application layer viruses like through email: | | Kazaa, etc worms cannot be blocked since nobody''s written filters for | them. I have seen "solutions" that help the Kazaa problem. One was something like P2PWall, I think. There are even extensions that have been integrated with the IPCop firewall distro to block Kazaa (couldn''t get them to work, but that''s a different story). - -- Jason A. Pattie pattieja@xperienceinc.com Xperience, Inc. (http://www.xperienceinc.com) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Debian - http://enigmail.mozdev.org iD8DBQFASQA0uYsUrHkpYtARAq6UAJ43dgLXoBcmQfbx7LcjXC8JOdgU8ACggnwn NoyntAbwbF+xur8tUQh5caw=Q4Wi -----END PGP SIGNATURE----- -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Use Snort, http://snort.org , in an inline fashion. You can set up the firewall to QUEUE the packets and run them through snort to allow or drop them.> -----Original Message----- > From: lartc-admin@mailman.ds9a.nl > [mailto:lartc-admin@mailman.ds9a.nl] On Behalf Of Yemi Fowe > Sent: Friday, March 05, 2004 4:10 PM > To: lartc@mailman.ds9a.nl > Subject: [LARTC] viruses > > > Hello aal, > Pls i want to know how i can make my Linux firewall > can block viruses from entering my network. > Thank > --Fowe > > __________________________________ > Do you Yahoo!? > Yahoo! Search - Find what you''re looking for faster > http://search.yahoo.com > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ >_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Correction, that''s http://www.snort.org> -----Original Message----- > From: lartc-admin@mailman.ds9a.nl > [mailto:lartc-admin@mailman.ds9a.nl] On Behalf Of Nathan Littlepage > Sent: Friday, March 05, 2004 4:42 PM > To: lartc@mailman.ds9a.nl > Subject: RE: [LARTC] viruses > > > Use Snort, http://snort.org , in an inline fashion. You can set up the > firewall to QUEUE the packets and run them through snort to allow or > drop them. > > > -----Original Message----- > > From: lartc-admin@mailman.ds9a.nl > > [mailto:lartc-admin@mailman.ds9a.nl] On Behalf Of Yemi Fowe > > Sent: Friday, March 05, 2004 4:10 PM > > To: lartc@mailman.ds9a.nl > > Subject: [LARTC] viruses > > > > > > Hello aal, > > Pls i want to know how i can make my Linux firewall > > can block viruses from entering my network. > > Thank > > --Fowe > > > > __________________________________ > > Do you Yahoo!? > > Yahoo! Search - Find what you''re looking for faster > > http://search.yahoo.com > > _______________________________________________ > > LARTC mailing list / LARTC@mailman.ds9a.nl > > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO:http://lartc.org/>_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/