[CentOS] pointers for using CentOS box as filter for children
Ryan
ryanag at zoominternet.net
Wed Oct 12 02:07:58 UTC 2005
On Tuesday 11 October 2005 01:18 pm, Steven Vishoot wrote:
> Thank you for correcting me, I knew I was kind of in
> the neighborhood and knew it was not that simple since
> a lot of IM programs use different ports. So it might be a
> good idea to know what IM program they are using, would
> you think?
My $.02:
#1. Set up a powerful iptables configuration tool like shorewall (my preferred
choice) or fwbuilder and use it to limit all *outbound* traffic to a few
ports (80, 443).
#2. Let them go about their business.
#3. Go through the syslog messages (/var/log/messages). You will see all the
ports they were trying to IM and fileshare out on, and that were blocked.
#4. Think about what you want to allow. If you *only* want to allow web
browsing, set up squid, and drop everything outbound that isn't destined for
port 3128 on your squid server.
#5. Squid will generate logs of what websites were visited. Check the logs
occasionally.
Email me/list if you need help setting up shorewall/squid. You may want to put
the restricted PC in a modified DMZ - shorewall has a special configuration
to do exactly what you are asking.
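
Step #3 above, as an added example that is not part of the original post: a Python script that tallies blocked outbound attempts by source host, protocol and destination port. It assumes Shorewall's "Shorewall:chain:ACTION:" log prefix in /var/log/messages; the sample lines, function names and port hints are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in the netfilter LOG format that Shorewall writes
# to /var/log/messages (host names, addresses and times are made up).
SAMPLE_LOG = """\
Oct 11 19:02:11 gw kernel: Shorewall:loc2net:REJECT:IN=eth1 OUT=eth0 SRC=192.168.1.50 DST=203.0.113.10 LEN=48 TTL=127 ID=4211 DF PROTO=TCP SPT=1045 DPT=5190 WINDOW=16384 SYN URGP=0
Oct 11 19:02:14 gw kernel: Shorewall:loc2net:REJECT:IN=eth1 OUT=eth0 SRC=192.168.1.50 DST=203.0.113.10 LEN=48 TTL=127 ID=4212 DF PROTO=TCP SPT=1046 DPT=5190 WINDOW=16384 SYN URGP=0
Oct 11 19:05:40 gw kernel: Shorewall:loc2net:REJECT:IN=eth1 OUT=eth0 SRC=192.168.1.50 DST=198.51.100.7 LEN=48 TTL=127 ID=4300 DF PROTO=TCP SPT=1050 DPT=1863 WINDOW=16384 SYN URGP=0
Oct 11 19:09:02 gw kernel: Shorewall:loc2net:DROP:IN=eth1 OUT=eth0 SRC=192.168.1.51 DST=198.51.100.9 LEN=58 TTL=127 ID=910 PROTO=UDP SPT=6881 DPT=6881 LEN=38
Oct 11 19:09:30 gw kernel: Shorewall:loc2net:DROP:IN=eth1 OUT=eth0 SRC=192.168.1.51 DST=198.51.100.9 LEN=60 TTL=127 ID=911 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=1
Oct 11 19:10:00 gw sshd[2211]: Accepted password for admin from 192.168.1.2 port 40022 ssh2
"""

# Common default ports, as a hint only; clients often fall back to other ports.
PORT_HINTS = {1863: "MSN Messenger", 5050: "Yahoo Messenger",
              5190: "AIM/ICQ", 6667: "IRC", 6881: "BitTorrent"}

LINE_RE = re.compile(r"Shorewall:(?P<chain>[^:]+):(?P<action>DROP|REJECT):(?P<fields>.*)")

def parse_blocked(line):
    """Return (src, proto, dport) for a blocked packet, or None for other lines."""
    m = LINE_RE.search(line)
    if not m:
        return None
    kv = dict(f.split("=", 1) for f in m.group("fields").split() if "=" in f)
    # ICMP entries carry no DPT field, so they are skipped here.
    if not all(k in kv for k in ("SRC", "PROTO", "DPT")) or not kv["DPT"].isdigit():
        return None
    return kv["SRC"], kv["PROTO"], int(kv["DPT"])

def summarize(text):
    """Count blocked attempts per (source host, protocol, destination port)."""
    return Counter(filter(None, map(parse_blocked, text.splitlines())))

def report(counts):
    """Format the tally, most frequently blocked destination first."""
    rows = []
    for (src, proto, dport), n in sorted(counts.items(), key=lambda kv: (-kv[1], kv[0])):
        rows.append(f"{n:4d}  {src:15s} {proto}/{dport:<5d} {PORT_HINTS.get(dport, '')}".rstrip())
    return rows

if __name__ == "__main__":
    print("\n".join(report(summarize(SAMPLE_LOG))))
```

To run it against the real log, pass the contents of /var/log/messages to `summarize()` in place of `SAMPLE_LOG`.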