Hi All, I am running iptables on centos 4.5 and 5 boxes. Now , I have requirements to enable below features. Gateway level antivirus, anti spyware and intrusion preventions, content filtering, etc. I googled a bit. But, Still no luck to find proper Docs to enable these. Can Iptables meet these features? If possible, Pls let me know some documentations that say How to set up these. Hope to hear from you. -- Thank you Indunil Jayasooriya
Hi All, I am running iptables on centos 4.5 and 5 boxes. Now , I have requirements to enable below features. Gateway level antivirus, anti spyware and intrusion preventions, content filtering, etc. I googled a bit. But, Still no luck to find proper Docs to enable these. Can Iptables meet these features? If possible, Pls let me know some documentations that say How to set up these. Hope to hear from you. -- Thank you Indunil Jayasooriya
Indunil Jayasooriya wrote:> Hi All, > > I am running iptables on centos 4.5 and 5 boxes. > > Now , I have requirements to enable below features. > > Gateway level antivirus, anti spyware and intrusion preventions, > content filtering, etc. > > I googled a bit. But, Still no luck to find proper Docs to enable these.what did you google for and what were the results ? most of what you need to get done is better addressed on other projects lists. I suggest you start at freshmeat.net and follow it up with the relevant project.> Can Iptables meet these features? If possible, Pls let me know some > documentations that say How to set up these.neither iptables nor anything shipped in centos is going to do all that for you. btw, you seem to repeatedly ask very novice questions on this list, mostly having done absolutely no research or efforts on your part. I would recommend you change that. Also, you seem to almost never ever get involved with or make any efforts to help people in any conversations - thats not a very nice way to behave on mailing lists. Having been on the list for over a year, I am sure you are competent enough to contribute in more constructive manner. -- Karanbir Singh : http://www.karan.org/ : 2522219 at icq
Indunil Jayasooriya wrote:> Hi All, > > I am running iptables on centos 4.5 and 5 boxes. > > Now , I have requirements to enable below features. > > Gateway level antivirus, anti spyware and intrusion preventions, > content filtering, etc.There are a hundred different ways to filter different things, depending on exactly what you are trying to accomplish. One way (that has nothing to do with CentOS) to do part of that is to use IPCOP as your border router. (It has snort IDS, and squid filtering built in). Spam, antivirus, and spyware normally come in via e-mail, and spamassassin and clamav used in conjuction with your mail server (if you run it) or in conjunction with your e-mail client on linux can fix that. CentOS itself does contain spamassassin, but clamav needs to be obtained from dag. Setting all this up is the basis for many howtos on the web ... and you need to plan out your real goals, like: what to stop, how that gets in now, how many users / how much traffic (and based on that ... where to filter it and how many machines it will take), how to integrate it with your current infrastructure, etc. There are things like this prebuilt too: http://www.barracudanetworks.com/ <snip> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 252 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20080103/7f1d3ec8/attachment-0003.sig>
> Indunil Jayasooriya wrote: > > Hi All, > > > > I am running iptables on centos 4.5 and 5 boxes. > > > > Now , I have requirements to enable below features. > > > > Gateway level antivirus, anti spyware and intrusion preventions, > > content filtering, etc. > > There are a hundred different ways to filter different things,depending> on exactly what you are trying to accomplish. > > One way (that has nothing to do with CentOS) to do part of that is to > use IPCOP as your border router. (It has snort IDS, and squidfiltering> built in). > > Spam, antivirus, and spyware normally come in via e-mail, and > spamassassin and clamav used in conjuction with your mail server (ifyou> run it) or in conjunction with your e-mail client on linux can fixthat. You may also install copfilter onto IPCOP to get pop/smtp/ftp/http scanning (virus etc) http://www.copfilter.org/ /Christopher