Hi All,
I am running iptables on centos 4.5 and 5 boxes.
Now , I have requirements to enable below features.
Gateway level antivirus, anti spyware and intrusion preventions, content filtering, etc.
I googled a bit. But, Still no luck to find proper Docs to enable these.
Can Iptables meet these features? If possible, Pls let me know some documentations that say How to set up these.
Hope to hear from you.
Indunil Jayasooriya wrote:
Hi All,
I am running iptables on centos 4.5 and 5 boxes.
Now , I have requirements to enable below features.
Gateway level antivirus, anti spyware and intrusion preventions, content filtering, etc.
I googled a bit. But, Still no luck to find proper Docs to enable these.
what did you google for and what were the results ? most of what you need to get done is better addressed on other projects lists. I suggest you start at freshmeat.net and follow it up with the relevant project.
Can Iptables meet these features? If possible, Pls let me know some documentations that say How to set up these.
neither iptables nor anything shipped in centos is going to do all that for you.
btw, you seem to repeatedly ask very novice questions on this list, mostly having done absolutely no research or efforts on your part. I would recommend you change that. Also, you seem to almost never ever get involved with or make any efforts to help people in any conversations - thats not a very nice way to behave on mailing lists. Having been on the list for over a year, I am sure you are competent enough to contribute in more constructive manner.
btw, you seem to repeatedly ask very novice questions on this list, mostly having done absolutely no research or efforts on your part. I would recommend you change that.
Yes, I aggree with you. In most cases, I will have to get involved with our customeres. Due to that, I have lcak of time to research. I aggree to change it.
Also, you seem to almost never ever get involved with or make any efforts
to help people in any conversations -
thats not a very nice way to behave on mailing lists.
I would also like to volunteer. I know how much time you spend for other's benifit. I really appreciate you guys effort. Anyway, I' ll try to help people in conversations.
Having been on the list for over a year,
Yes, more than a year.
I am sure you are competent enough to contribute
in more constructive manner.
Yes, I will.
Indunil Jayasooriya wrote:
Hi All,
I am running iptables on centos 4.5 and 5 boxes.
Now , I have requirements to enable below features.
Gateway level antivirus, anti spyware and intrusion preventions, content filtering, etc.
There are a hundred different ways to filter different things, depending on exactly what you are trying to accomplish.
One way (that has nothing to do with CentOS) to do part of that is to use IPCOP as your border router. (It has snort IDS, and squid filtering built in).
Spam, antivirus, and spyware normally come in via e-mail, and spamassassin and clamav used in conjuction with your mail server (if you run it) or in conjunction with your e-mail client on linux can fix that.
CentOS itself does contain spamassassin, but clamav needs to be obtained from dag.
Setting all this up is the basis for many howtos on the web ... and you need to plan out your real goals, like:
what to stop, how that gets in now, how many users / how much traffic (and based on that ... where to filter it and how many machines it will take), how to integrate it with your current infrastructure, etc.
There are things like this prebuilt too:
http://www.barracudanetworks.com/
<snip>
Indunil Jayasooriya wrote:
Hi All,
I am running iptables on centos 4.5 and 5 boxes.
Now , I have requirements to enable below features.
Gateway level antivirus, anti spyware and intrusion preventions, content filtering, etc.
There are a hundred different ways to filter different things,
depending
on exactly what you are trying to accomplish.
One way (that has nothing to do with CentOS) to do part of that is to use IPCOP as your border router. (It has snort IDS, and squid
filtering
built in).
Spam, antivirus, and spyware normally come in via e-mail, and spamassassin and clamav used in conjuction with your mail server (if
you
run it) or in conjunction with your e-mail client on linux can fix
that.
You may also install copfilter onto IPCOP to get pop/smtp/ftp/http scanning (virus etc)
/Christopher
on 1/4/2008 1:37 AM Christopher Thorjussen spake the following:
Indunil Jayasooriya wrote:
Hi All,
I am running iptables on centos 4.5 and 5 boxes.
Now , I have requirements to enable below features.
Gateway level antivirus, anti spyware and intrusion preventions, content filtering, etc.
There are a hundred different ways to filter different things,
depending
on exactly what you are trying to accomplish.
One way (that has nothing to do with CentOS) to do part of that is to use IPCOP as your border router. (It has snort IDS, and squid
filtering
built in).
Spam, antivirus, and spyware normally come in via e-mail, and spamassassin and clamav used in conjuction with your mail server (if
you
run it) or in conjunction with your e-mail client on linux can fix
that.
You may also install copfilter onto IPCOP to get pop/smtp/ftp/http scanning (virus etc)
But copfilter updates are very slow. It would be nice if it could at least keep up with clam updates.
-
Christopher Thorjussen -
Indunil Jayasooriya -
Johnny Hughes -
Karanbir Singh -
Scott Silva