RE: Family protection - proxy?
- From: "Bill Diamond" <bdiamond@xxxxxxxxxxx>
- Date: Thu, 30 Mar 2006 18:21:40 -0600
I don't disagree, but I may take this a step further.
I had the same problem a few years ago. We all had pop accounts through
our ISP as well as various personal accounts. The amount of spam,
malware, and plain yeech was astonishing.
The solution I chose was to build a Linux server (but, you could do this
as easily with BSD). I set up postfix, fetchmail, spamassassin and
clamav.
All email gets pulled by the fetchmail process, processed through clamav
and spamassassin. Users connect to the Linux box via IMAP.
I did use an Athlon XP 2400 box with 1 GB RAM for several years until it
suddenly died. The replacement was an eMachines 62xx with 1.25 GB RAM.
Took less than a day to configure. I spend less than 2 hours per week
keeping it up to date with new rules for procmail. I did do some custom
spamassassin rules to change the subject line to reflect the spam score.
Scores of 5 points or less go into a "suspects" folder; 5 to 10 points
go into a "spam" folder. Anything above 10 points goes into a folder
that's hidden from the user.
The most effort was in creating the content filters for postfix, which
seemed scary at first but turned out to be nearly mindlessly easy and
pretty near foolproof. We're down to fewer than 5 false negatives that
slip through per day, and those are usually harmless solicitations.
Concur as well with the recommendations regarding the configuration of
dansguardian.
Bill
-----Original Message-----
From: ragdelaed [mailto:ragdelaed@xxxxxxxxx]
Sent: Thursday, March 30, 2006 11:52 AM
To: Paul Simons
Cc: security-basics@xxxxxxxxxxxxxxxxx
Subject: Re: Family protection - proxy?
install debian on a headless walmart special with 2 nic cards, one for
your lan, the other for the wan. install squid and dansguardian. install
clamav with anti-virus plugin, if you wish, but it will run slower.
much. run sarg for the reports. run dglog.pl for quick logs.
the best way to do it is to look at the howto at the bottom, then
download each component separately, install, mess it up, play around,
break it, then start all over again. depending on your experience level,
this might take a while. if you are unfamiliar with much of the below,
then count on at least a week to build, test, then deploy.
also, you need to configure the walmart special as your gateway. whether
you make it the dhcp server or not, it needs to be your gateway. then
you can direct all port 80 traffic to the dansguardian filter without
having to change any clients in your house. you make your box a
transparent proxy. instructions are in the howto.
this might take a while, but it is very worth it. i have three boys that
love yugioh and junk like that, so they are on the net all the time.
they get blocked a lot. :)
consider the enterprise equivalent. an enterprise proxy solution will
run about 250k for product and support, a content filtering solution
will be about 300k, an anti-virus solution will run about 100k, and the
monitoring and logging in man hours will be huge. estimate 500k for a
complete bundle solution, and your eyes bug out. and dansguardian is not
just a black list filter, but rather a weighted content solution that
does not depend on pre existing blacklists but can catch things on the
fly based on the content in the page. i like it. for about 300 bucks,
you can have all of the above, plus the other coolness that linux gives
you.
walmart:
http://www.walmart.com/catalog/product.do?product_id=4659580
http://www.newegg.com/Product/Product.asp?Item=N82E16822998004
or
http://www.newegg.com/Product/Product.asp?Item=N82E16833315001
dansguardian:
http://dansguardian.org/
squid:
http://www.squid-cache.org/
AV:
http://www.pcxperience.org/dgvirus/
http://www.clamav.net/
sarg:
http://sarg.sourceforge.net/
dglog.pl:
http://www.tiger.org/technology/dg/
howto:
http://www.ysgnet.com/modules.php?op=modload&name=News&file=article&sid=
164
http://www.nyetwork.org/wiki/DansGuardian
Paul Simons wrote:
I am looking for advice on how I can best protect my family from theon
'horrors' on the Internet.
We have a small ADSL/wireless network at home (with a firewall and AV
all systems) on which my kids have their PCs/Macs. My wife and I useit
via our laptops.sender, except where the sender specifically states them to be the views
What is the best way of stopping access to porn/violence/etc.?
I was looking at setting up a system with a proxy. Or maybe paying for
some sort of service?
I don't really want to have to install a package on every system
(expensive and unmanageable)
Any other suggestions gratefully considered
Paul
To find out more about Reuters visit www.about.reuters.com
Any views expressed in this message are those of the individual
of Reuters Ltd.
------------------------------------------------------------------------
---
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEexperience.
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting
Tailor your education to your own professional goals with degreePlanning,
customizations including Emergency Management, Business Continuity
Computer Emergency Response Teams, and Digital Investigations.------------------------------------------------------------------------
http://www.msia.norwich.edu/secfocus
---
------------------------------------------------------------------------
---
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting
experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity
Planning,
Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---
---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
- Prev by Date: Re: Internet Keyword System..
- Next by Date: Re: Family protection - proxy?
- Previous by thread: Re: Family protection - proxy?
- Next by thread: Re: Family protection - proxy?
- Index(es):
Relevant Pages
|
|
