* What to do to protet our send from the attacks which is caused by worms?
@ 2004-09-17 19:10 Red Hat
2004-09-17 19:20 ` Aleksandar Milivojevic
2004-09-17 20:55 ` rruegner
0 siblings, 2 replies; 3+ messages in thread
From: Red Hat @ 2004-09-17 19:10 UTC (permalink / raw)
To: netfilter
Hi,
What to do to protet our send from the attacks which is caused by worms in
Microsoft XP OS of our users? Our user may have worms in their system & it
causes that our send go up & up that our send is going upper than which we
have to use. for example if we can send 64Kb/s their worm cause our send go
upper than this. These worms would cause our network work too bad. I mean
the other user which doesn't have worm, can't work properly.
Hope you understand our problem. Now I want to use a software or command in
my Linux server which contain squid to protect our send not to go up because
of the worm of our users.
I think we can protect it by iptables but I don't know how should I do this?
So wanted to intall smoothwall to help me. Now I understand that it can't
help me.
what's you opinion & how should I do that?
Thanks in advance.
Best Regards,
Mehdi
_________________________________________________________________
Tired of spam? Get advanced junk mail protection with MSN 8.
http://join.msn.com/?page=features/junkmail
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: What to do to protet our send from the attacks which is caused by worms?
2004-09-17 19:10 What to do to protet our send from the attacks which is caused by worms? Red Hat
@ 2004-09-17 19:20 ` Aleksandar Milivojevic
2004-09-17 20:55 ` rruegner
1 sibling, 0 replies; 3+ messages in thread
From: Aleksandar Milivojevic @ 2004-09-17 19:20 UTC (permalink / raw)
To: netfilter
Red Hat wrote:
> Hi,
>
> What to do to protet our send from the attacks which is caused by worms in
> Microsoft XP OS of our users? Our user may have worms in their system & it
> causes that our send go up & up that our send is going upper than which we
> have to use.
How about installing all updates from MS, and putting some anti-virus on
your mail server, so that your users don't get infected in the first place?
Other than that, on the firewall close everything down, and allow only
what you need (no direct outgoing connections from user's computers, no
direct incoming connections to user's computers, only incomming/outgoing
to/from servers in DMZ).
--
Aleksandar Milivojevic <amilivojevic@pbl.ca> Pollard Banknote Limited
Systems Administrator 1499 Buffalo Place
Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: What to do to protet our send from the attacks which is caused by worms?
2004-09-17 19:10 What to do to protet our send from the attacks which is caused by worms? Red Hat
2004-09-17 19:20 ` Aleksandar Milivojevic
@ 2004-09-17 20:55 ` rruegner
1 sibling, 0 replies; 3+ messages in thread
From: rruegner @ 2004-09-17 20:55 UTC (permalink / raw)
To: Red Hat; +Cc: netfilter
Hi, you can use dansguardian with antivirus plugin for http, and amavis
new for smtp, and frox for ftp, use clamd as free antivirus scanner
so you have a complete antivirus solution,
alternative for http use apache in proxy mode with mod_vir ( dont know
exactly how the name was ) coupled wtih squid and squidguard.
Do a conservative firewall for the the rest of the ports with iptables.
You can use some comercial linux distros like astaro or gibraltar with
all packed in , or ipcop with serveral plugins.
After all you need a daily update of win machines and comercial antivir
on it like antivir , and a susserver in your lokal network for security
updates, check your users not to act as lokal or domain admins
and advice them not to use outlook (express) or internet explorer,
install thunderbird and firefox and set them as default in windows,
install spybot on all machines.
Snort on the firewall will help you find out what attacks are going on
So you have a working pack which gives you relativ sercurity as long
your staying up to date , with all signatures of viri.
Set acls on your switches and check only mac adresses you know on them.
dont use buggy win xp firewall, check out ie. kerio firewall for windows.
Security is a concept ,not one software or os
Regards
Red Hat schrieb:
> Hi,
>
> What to do to protet our send from the attacks which is caused by worms in
> Microsoft XP OS of our users? Our user may have worms in their system & it
> causes that our send go up & up that our send is going upper than which we
> have to use. for example if we can send 64Kb/s their worm cause our send go
> upper than this. These worms would cause our network work too bad. I mean
> the other user which doesn't have worm, can't work properly.
> Hope you understand our problem. Now I want to use a software or command in
> my Linux server which contain squid to protect our send not to go up
> because
> of the worm of our users.
> I think we can protect it by iptables but I don't know how should I do
> this?
> So wanted to intall smoothwall to help me. Now I understand that it can't
> help me.
> what's you opinion & how should I do that?
>
> Thanks in advance.
>
> Best Regards,
> Mehdi
>
> _________________________________________________________________
> Tired of spam? Get advanced junk mail protection with MSN 8.
> http://join.msn.com/?page=features/junkmail
>
>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2004-09-17 20:55 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-09-17 19:10 What to do to protet our send from the attacks which is caused by worms? Red Hat
2004-09-17 19:20 ` Aleksandar Milivojevic
2004-09-17 20:55 ` rruegner
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.