>>> sender: "Craig White" date: "Mon, Mar 20, 2006 at 07:50:24AM -0700" <<<EOQ
> On Mon, 2006-03-20 at 13:33 +0200, Alexandru E. Ungur wrote:
> > Hi all,
> >
> > I apologise in advance if this is a little OT, but I am building
> > a box that will serve as firewall and router for a small 'internet
> > cafe / netcafe' and am using CentOS...
> >
> > So here it is:
> > What are the best tools to be used for keeping the potential
> > script kiddies from 'harming the Internet' :) ? I specifically want
> > to be able to detect and prevent portscans from LAN to Internet, and
> > any other malware activity the clients might think of.
> >
> > I am particularly interested in 'the CentOS way'. For example I
> > know there is a psd module in patch-o-matic for iptables to be able
> > to do the portscan detection in the firewall... but, that doesn't
> > feel like the 'CentOS way' (because I have to build a custom kernel)
> > unless there is some kernel (even 3rd party, unsupported/etc.) that
> > already has this in...
> >
> > Also I know of the portsentry tool, but the project seems pretty much
> > dead after Cisco bought Psionic... and again it is not on up2date's list...
> >
> > I intend to use Snort, though I hope that it won't share portsentry's
> > fate and become extinct after Check Point's acquisition of Sourcefire
> > is completed. No FUD intended on this, optimistic views are always
> > highly welcomed :)
> >
> > Luckily denyhosts has no plans of selling itself to anyone so that's
> > one project I can safely use :)
> >
> > So, Open Source portscanner for CentOS... anyone... ? :)
> >
> >
> > Thank you for your time and help,
> ----
> why not just use a proxy server like squid?

Thank you for the suggestion. Yep, Squid/Oops + Dansguardian is a very
good idea and I'll probably use it. However, how can that stop a kid
from downloading the latest/coolest 'hacking script' and starting to do
portscans & co.?

I don't want to limit what they can access via web, but to limit
what they can 'do to the Internet' from their Windows boxes through the
gateway I am setting up. I just don't like to have anybody messing
with my FORWARD chains, that's all ;)

Thanks again,
Alex