Re: malware and spam control
- From: buck <buck@xxxxxxxxxxx>
- Date: 30 Nov 2009 22:01:32 GMT
"C." <colin.mckinnon@xxxxxxxxx> wrote in news:685875ba-9671-43dc-ad5a-
> On Nov 21, 10:25 pm, buck <b...@xxxxxxxxxxx> wrote:
>> Does anyone have experience with using iptables to control infected
>> M$ OS machines that get internet access by setting gateway to a Linux
>> In my setup there is an access control list that uses nat and
>> rules to allow specific computers to access specified ports. Where
>> the M$ computer employs effective software to prevent infection,
>> that computer is allowed to use port 25, otherwise it either is not
>> allowed any internet access at all or the port list does not include port
>> 25.
>> What I'd like to do is to allow even unprotected machines but drop
>> when iptables sees abuse. I prefer to use iptables only.
>> The main problem is in distinguishing between normal versus infected
>> activity. Can anyone give examples, perhaps using "recent"
>> that drop malware but allow normal activity? Can it even be done? Is
>> there A Better Way?
> Yes - don't use NAT/masquerading - use proper application proxies. It's
> a no-brainer to set up Sendmail or Postfix, Squid, leafnode et al.
> most of which already have hooks for policy management, automatically
> detecting abuse and dynamically blocking access.

I fail to see how a proxy is going to protect against a user who
blindly clicks OK for everything sent. Perhaps you could point me to a
mailing list, forum or newsgroup where I could get some pointers on
setting up Squid so it protects the network against malware?
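
An added example, not part of the thread and not any poster's own ruleset: one way to use the iptables "recent" match from the quoted question to throttle new outbound SMTP connections per LAN host on the gateway. The interface name eth1, the chain name SMTP_THROTTLE, the list name smtp_out and the threshold of 10 new connections in 60 seconds are assumptions.

```shell
#!/bin/sh
# Added example: per-host throttle for NEW outbound connections to tcp/25,
# built on the iptables "recent" match. All names and thresholds are assumed.

# Print the rules for a LAN interface, a hit count and a window in seconds.
# Returns 1 on bad input. The recent match keeps 20 timestamps per address by
# default (xt_recent ip_pkt_list_tot), so a larger hit count is refused here.
smtp_throttle_rules() {
    lan_if=$1; hits=$2; secs=$3
    case $hits in ''|*[!0-9]*) return 1 ;; esac
    case $secs in ''|*[!0-9]*) return 1 ;; esac
    [ -n "$lan_if" ] || return 1
    [ "$hits" -ge 1 ] && [ "$hits" -le 20 ] || return 1
    cat <<EOF
iptables -N SMTP_THROTTLE
iptables -A SMTP_THROTTLE -m recent --name smtp_out --rcheck --seconds $secs --hitcount $hits -m limit --limit 6/min -j LOG --log-prefix "SMTP-THROTTLE: "
iptables -A SMTP_THROTTLE -m recent --name smtp_out --update --seconds $secs --hitcount $hits -j DROP
iptables -A SMTP_THROTTLE -m recent --name smtp_out --set -j RETURN
iptables -I FORWARD 1 -i $lan_if -p tcp --dport 25 -m conntrack --ctstate NEW -j SMTP_THROTTLE
EOF
}

# How the chain behaves:
#  - only NEW connections to port 25 arriving from the LAN side enter it
#  - a source already seen $hits times inside the window is logged
#    (rate-limited) and dropped; --update refreshes its timestamp, so it
#    stays blocked until it has been quiet for the whole window
#  - any other source is recorded with --set and RETURNs to FORWARD, where
#    the existing per-host port ACL still decides whether port 25 is allowed

# Run as root with "apply [interface]" to install; with no arguments the
# script only defines the function.
if [ "${1:-}" = "apply" ]; then
    smtp_throttle_rules "${2:-eth1}" 10 60 | sh -e
fi
```

This counts connection attempts, not messages, so it separates a desktop mail client that opens a handful of connections from a host opening many in a short window; it does not inspect what is sent. Hosts that trip the rule show up in the kernel log under the SMTP-THROTTLE prefix and in /proc/net/xt_recent/smtp_out.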