Re: [SLUG] firewall --

From: Derek Glidden (dglidden@illusionary.com)
Date: Sat Jan 12 2002 - 19:05:18 EST


Glen wrote:
>
> Kinda odd that so many people are talking about firewalls lately - work just
> got hit with the biggest virus blast I think they've ever had. I only had
> time to get to 3 support calls, when more than 25 came in.
>
> That said, I just got permission today to install a Linux firewall :) Kinda
> nice, since the company writes programs for windows ;)
>
> I need to have virus-scanning software on it, and I'm looking for something
> that might integrate with iptables. I found a few programs on the net, and
> while they're expensive, they'll do the job nicely - except that I don't know
> if they work with iptables. It has to scan SMTP, HTTP, and FTP, and
> quarantine anything resembling all these W32.*.whatever worms, trojans,
> viruses, etc....
>
> Anyone have any ideas/recommendations? (besides not doing the scanning on the
> firewall....)

To do this, you're either going to have to pick virus scanning software
that will run as proxies (i.e. it will have to act as SMTP, HTTP and FTP
proxies) which you will run on the firewall and all connections outbound
will have to go through one of those proxies or be denied, or the
software will have to support the REDIRECT option in iptables that
allows the firewall to redirect packets going through it to an external
application, similar to, but not identical to, acting as a proxy.

Are you talking about scanning inbound or outbound traffic or both?

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
With Microsoft products, failure is not an option --
                                     it's a standard component.      
Choose your life.  Choose your future.            Derek Glidden 
         Choose Linux.              http://www.illusionary.com/
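
The two approaches described in the reply above, sketched as iptables rules. This is an added example, not part of the original message. The interface name (eth1) and the local scanner ports (10025, 8080, 10021) are assumptions, and the script only prints the rules rather than applying them.

```shell
#!/bin/sh
# Added illustration: prints (does not apply) iptables rules for the two
# designs in the reply. Interface name and scanner ports are assumptions.

LAN_IF="${LAN_IF:-eth1}"   # assumed inside-facing interface

# service:destination-port:local-scanner-port (scanner ports are constructed)
SERVICES="smtp:25:10025 http:80:8080 ftp:21:10021"

# gen_rules MODE -> writes iptables commands to stdout
#   redirect : matching connections are handed to a scanner listening locally
#   proxy    : clients are pointed at the proxies; direct traffic is refused
gen_rules() {
    mode="$1"
    for svc in $SERVICES; do
        name="${svc%%:*}"; rest="${svc#*:}"
        dport="${rest%%:*}"; lport="${rest#*:}"
        case "$mode" in
        redirect)
            # nat/PREROUTING rewrites the destination to a port on the
            # firewall itself, so the scanner must listen there and the
            # INPUT chain must accept that port.
            echo "iptables -t nat -A PREROUTING -i $LAN_IF -p tcp --dport $dport -j REDIRECT --to-ports $lport  # $name"
            ;;
        proxy)
            # Let inside clients reach the proxy's listening port ...
            echo "iptables -A INPUT -i $LAN_IF -p tcp --dport $lport -j ACCEPT  # $name proxy"
            # ... and refuse forwarded connections that would bypass it.
            echo "iptables -A FORWARD -i $LAN_IF -p tcp --dport $dport -j REJECT --reject-with tcp-reset  # direct $name"
            ;;
        *)
            echo "usage: gen_rules redirect|proxy" >&2
            return 2
            ;;
        esac
    done
    # Note: for FTP only the control connection (port 21) matches here; data
    # connections use negotiated ports, so the scanner has to be a real FTP
    # proxy that handles them itself.
}

# Print a rule set when run as: sh script.sh redirect|proxy
if [ -n "${1:-}" ]; then gen_rules "$1"; fi
```
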


