Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Question on securing port80 from upload
Special Forums Cybersecurity Question on securing port80 from upload Post 302473429 by ahmedkamel on Saturday 20th of November 2010 01:34:52 AM
Old 11-20-2010
Question on securing port80 from upload
Hello,
I am using a linux fedora 12.0 with L7 filter and proxy as the main firewall for my system composed of some several hundred pcs. The port 80 is open for certain mac addresses these computers, that is to say that , only a few of these computers have access to internet and others have been denied. However, they have access to two specific websites on internet .
I would like to know that if there is a virus attack through these websites in form of executable adwares or malwares, can this linux firewall detect any information that might be directed out of those computers to the attacking source? In other words, is there s tuning in L7 filter or any other filter that can detect transfer of files or some bites through port 80 unrelated to normal http requests?
Thanks
 

7 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Securing arguments

OK here is my problem. Ive been trying to write a script where i use the order "find". For example if i wont to find some file in the sql_work directory using the script. You use the command: loc sql_work "q*" in order to find all the queries in the directory. Is there any other way to do it,... (0 Replies)
Discussion started by: SolidSnake
0 Replies

2. AIX

securing a shell

I would like to secure a shell script from being broken out of with Ctrl-C or equivalent. Once a user logs in, he should not be able to exit to the command prompt. any ideas. Thank you J (1 Reply)
Discussion started by: jhansrod
1 Replies

3. Cybersecurity

Apache Question - Securing against unwanted use with cable modem

I have built a Linux machine in my home using Mepis Linux and I'm running Apache on it. I want to use Apache on my machine and use it as testing area for web pages and other applications. I use a cable modem to connect to the internet. The Linux box is connected to a router, which connects... (3 Replies)
Discussion started by: Doctor_Morbius
3 Replies

4. Cybersecurity

Securing Passwords

Hi All, I'd like to give you an example of what I am trying to achieve and perhaps you might be able to help me along. I would like to add the following criteria to new servers, from a password aging and lockout standpoint. -Number of failed logins before lockout: = 5 -Number of Passwords... (1 Reply)
Discussion started by: mkono
1 Replies

5. Linux

Securing remote connections

Hi all, I have a couple of questions I've been searching on internet but I didn't find a suitable solution. The aim is that I'd like to access to my home Linux (an 8.04 Ubuntu) from outside. I already achieved with ssh, but I'd like to secure as much as I can. These are questions: The... (2 Replies)
Discussion started by: AlbertGM
2 Replies

6. Cybersecurity

securing AIX box

Guys, i want to securing AIX after install by scrath. Is anybody can inform about the standard port which used by AIX? (0 Replies)
Discussion started by: michlix
0 Replies

7. AIX

Securing AIX

Guys, i want to securing AIX after install by scratch. Is anybody can inform about the standard port which used by AIX? (4 Replies)
Discussion started by: michlix
4 Replies

LEARN ABOUT FREEBSD

tftp-proxy

TFTP-PROXY(8)						    BSD System Manager's Manual 					     TFTP-PROXY(8)

NAME

     tftp-proxy -- Internet Trivial File Transfer Protocol proxy

SYNOPSIS

     tftp-proxy [-v] [-w transwait]

DESCRIPTION

     tftp-proxy is a proxy for the Internet Trivial File Transfer Protocol invoked by the inetd(8) internet server.  TFTP connections should be
     redirected to the proxy using the pf(4) rdr command, after which the proxy connects to the server on behalf of the client.

     The proxy establishes a pf(4) rdr rule using the anchor facility to rewrite packets between the client and the server.  Once the rule is
     established, tftp-proxy forwards the initial request from the client to the server to begin the transfer.	After transwait seconds, the pf(4)
     NAT state is assumed to have been established and the rdr rule is deleted and the program exits.  Once the transfer between the client and
     the server is completed, the NAT state will naturally expire.

     Assuming the TFTP command request is from $client to $server, the proxy connected to the server using the $proxy source address, and $port is
     negotiated, tftp-proxy adds the following rule to the anchor:

	   rdr proto udp from $server to $proxy port $port -> $client

     The options are as follows:

     -v      Log the connection and request information to syslogd(8).

     -w transwait
	     Number of seconds to wait for the data transmission to begin before removing the pf(4) rdr rule.  The default is 2 seconds.

CONFIGURATION

     To make use of the proxy, pf.conf(5) needs the following rules.  The anchors are mandatory.  Adjust the rules as needed for your configura-
     tion.

     In the NAT section:

	   nat on $ext_if from $int_if -> ($ext_if:0)

	   no nat on $ext_if to port tftp

	   rdr-anchor "tftp-proxy/*"
	   rdr on $int_if proto udp from $lan to any port tftp -> 
	       127.0.0.1 port 6969

     In the filter section, an anchor must be added to hold the pass rules:

	   anchor "tftp-proxy/*"

     inetd(8) must be configured to spawn the proxy on the port that packets are being forwarded to by pf(4).  An example inetd.conf(5) entry fol-
     lows:

	   127.0.0.1:6969  dgram   udp	   wait    root 
		   /usr/libexec/tftp-proxy tftp-proxy

SEE ALSO

     tftp(1), pf(4), pf.conf(5), ftp-proxy(8), inetd(8), syslogd(8), tftpd(8)

CAVEATS

     tftp-proxy chroots to /var/empty and changes to user ``proxy'' to drop privileges.

BSD
								 November 28, 2005							       BSD
All times are GMT -4. The time now is 10:16 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy