Hi all
I've been thinking about using CentOS on a Dell R200 server and turn it into a firewall / network monitor / traffic shaper in our datacentre, instead of using a dedicated firewall device.
One of the devices that I have been looking at, with my limited budget, is the D-Link DFL 860 - http://www.netdefend.eu/Product.aspx?m=15&ref=DFL-860
It provides AV, SPI, VPN, DOS, P2P, etc protection. Most of this can be done with Linux as well, but I'm not 100% sure about the AV part.
How will I use / setup CentOS to check all traffic coming in & out (HTTP, SMTP, POP3, IMAP, etc) for virusses and clean them? We host both Windows & Linux servers, and I'm not too worried about the Linux servers, but Windows needs a lot of extra protection.
Dear Rudi,
what software do you think using to do that operations?
Best Regards,
--- Eduardo Silvestre nfsi telecom, lda.
eduardo.silvestre@nfsi.pt Tel. (+351) 21 949 2300 - Fax (+351) 21 949 2301 http://www.nfsi.pt/
----- Original Message ----- From: "Rudi Ahlers" Rudi@SoftDux.com To: "CentOS mailing list" centos@centos.org Sent: Wednesday, July 9, 2008 4:23:59 PM GMT +00:00 GMT Britain, Ireland, Portugal Subject: [CentOS] can I use CentOS as a antivirus / spam filter / HTTP AV gateway?
Hi all
I've been thinking about using CentOS on a Dell R200 server and turn it into a firewall / network monitor / traffic shaper in our datacentre, instead of using a dedicated firewall device.
One of the devices that I have been looking at, with my limited budget, is the D-Link DFL 860 - http://www.netdefend.eu/Product.aspx?m=15&ref=DFL-860
It provides AV, SPI, VPN, DOS, P2P, etc protection. Most of this can be done with Linux as well, but I'm not 100% sure about the AV part.
How will I use / setup CentOS to check all traffic coming in & out (HTTP, SMTP, POP3, IMAP, etc) for virusses and clean them? We host both Windows & Linux servers, and I'm not too worried about the Linux servers, but Windows needs a lot of extra protection.
Rudi Ahlers wrote:
Hi all
I've been thinking about using CentOS on a Dell R200 server and turn it into a firewall / network monitor / traffic shaper in our datacentre, instead of using a dedicated firewall device.
One of the devices that I have been looking at, with my limited budget, is the D-Link DFL 860 - http://www.netdefend.eu/Product.aspx?m=15&ref=DFL-860
It provides AV, SPI, VPN, DOS, P2P, etc protection. Most of this can be done with Linux as well, but I'm not 100% sure about the AV part.
How will I use / setup CentOS to check all traffic coming in & out (HTTP, SMTP, POP3, IMAP, etc) for virusses and clean them? We host both Windows & Linux servers, and I'm not too worried about the Linux servers, but Windows needs a lot of extra protection.
well, pop/imap shouldn't need any virus scanning, that would be handled at the SMTP transfer layer, by something like MailScanner + ClamAV (I've used this combination), or spamassassin+clamav, and others.
http virus scanning can be done by using Squid as a transparent web proxy agent and squid plugins. I've never attempted this myself, so I can't give you the exact recipe.
John R Pierce wrote:
Rudi Ahlers wrote:
Hi all
I've been thinking about using CentOS on a Dell R200 server and turn it into a firewall / network monitor / traffic shaper in our datacentre, instead of using a dedicated firewall device.
One of the devices that I have been looking at, with my limited budget, is the D-Link DFL 860 - http://www.netdefend.eu/Product.aspx?m=15&ref=DFL-860
It provides AV, SPI, VPN, DOS, P2P, etc protection. Most of this can be done with Linux as well, but I'm not 100% sure about the AV part.
How will I use / setup CentOS to check all traffic coming in & out (HTTP, SMTP, POP3, IMAP, etc) for virusses and clean them? We host both Windows & Linux servers, and I'm not too worried about the Linux servers, but Windows needs a lot of extra protection.
well, pop/imap shouldn't need any virus scanning, that would be handled at the SMTP transfer layer, by something like MailScanner + ClamAV (I've used this combination), or spamassassin+clamav, and others.
http virus scanning can be done by using Squid as a transparent web proxy agent and squid plugins. I've never attempted this myself, so I can't give you the exact recipe. _______________________________________________
I'm actually looking todo this on the network layer, rather than the software layer. Is this possible with Linux?
Rudi Ahlers wrote:
Hi all
I've been thinking about using CentOS on a Dell R200 server and turn it into a firewall / network monitor / traffic shaper in our datacentre, instead of using a dedicated firewall device.
One of the devices that I have been looking at, with my limited budget, is the D-Link DFL 860 - http://www.netdefend.eu/Product.aspx?m=15&ref=DFL-860
It provides AV, SPI, VPN, DOS, P2P, etc protection. Most of this can be done with Linux as well, but I'm not 100% sure about the AV part.
How will I use / setup CentOS to check all traffic coming in & out (HTTP, SMTP, POP3, IMAP, etc) for virusses and clean them? We host both Windows & Linux servers, and I'm not too worried about the Linux servers, but Windows needs a lot of extra protection.
ssshhh!!! Don't tell Trend Micro you are scanning for viruses at the gateway ... they don't like that term :-D
http://www.vnunet.com/vnunet/news/2219926/breakthrough-trend-micro-patent-ba...
Johnny Hughes wrote:
Rudi Ahlers wrote:
Hi all
I've been thinking about using CentOS on a Dell R200 server and turn it into a firewall / network monitor / traffic shaper in our datacentre, instead of using a dedicated firewall device.
One of the devices that I have been looking at, with my limited budget, is the D-Link DFL 860 - http://www.netdefend.eu/Product.aspx?m=15&ref=DFL-860
It provides AV, SPI, VPN, DOS, P2P, etc protection. Most of this can be done with Linux as well, but I'm not 100% sure about the AV part.
How will I use / setup CentOS to check all traffic coming in & out (HTTP, SMTP, POP3, IMAP, etc) for virusses and clean them? We host both Windows & Linux servers, and I'm not too worried about the Linux servers, but Windows needs a lot of extra protection.
ssshhh!!! Don't tell Trend Micro you are scanning for viruses at the gateway ... they don't like that term :-D
http://www.vnunet.com/vnunet/news/2219926/breakthrough-trend-micro-patent-ba...
Are you saying I'm not allowed todo this, and will be violating a patent right for building my own network level virus scanner / anti-virus gateway?
on 7-10-2008 3:23 AM Rudi Ahlers spake the following:
Johnny Hughes wrote:
Rudi Ahlers wrote:
Hi all
I've been thinking about using CentOS on a Dell R200 server and turn it into a firewall / network monitor / traffic shaper in our datacentre, instead of using a dedicated firewall device.
One of the devices that I have been looking at, with my limited budget, is the D-Link DFL 860 - http://www.netdefend.eu/Product.aspx?m=15&ref=DFL-860
It provides AV, SPI, VPN, DOS, P2P, etc protection. Most of this can be done with Linux as well, but I'm not 100% sure about the AV part.
How will I use / setup CentOS to check all traffic coming in & out (HTTP, SMTP, POP3, IMAP, etc) for virusses and clean them? We host both Windows & Linux servers, and I'm not too worried about the Linux servers, but Windows needs a lot of extra protection.
ssshhh!!! Don't tell Trend Micro you are scanning for viruses at the gateway ... they don't like that term :-D
http://www.vnunet.com/vnunet/news/2219926/breakthrough-trend-micro-patent-ba...
Are you saying I'm not allowed todo this, and will be violating a patent right for building my own network level virus scanner / anti-virus gateway?
No... He is saying that Trend Micro won't like it, and will sue you for millions of dollars and your first born child! ;-P
-
Eduardo Silvestre -
John R Pierce -
Johnny Hughes -
Rudi Ahlers -
Scott Silva