11-20-2010
Question on securing port 80 from upload
Hello,
I am using Linux Fedora 12.0 with L7 filter and a proxy as the main firewall for my system, which is composed of several hundred PCs. Port 80 is open for certain MAC addresses of these computers; that is to say, only a few of these computers have access to the Internet and the others have been denied. However, they have access to two specific websites on the Internet.
I would like to know: if there is a virus attack through these websites in the form of executable adware or malware, can this Linux firewall detect any information that might be directed out of those computers to the attacking source? In other words, is there a tuning in L7 filter or any other filter that can detect the transfer of files or some bytes through port 80 unrelated to normal HTTP requests?
Thanks
LEARN ABOUT FREEBSD
tftp-proxy
TFTP-PROXY(8) BSD System Manager's Manual TFTP-PROXY(8)
NAME
tftp-proxy -- Internet Trivial File Transfer Protocol proxy
SYNOPSIS
tftp-proxy [-v] [-w transwait]
DESCRIPTION
tftp-proxy is a proxy for the Internet Trivial File Transfer Protocol invoked by the inetd(8) internet server. TFTP connections should be
redirected to the proxy using the pf(4) rdr command, after which the proxy connects to the server on behalf of the client.
The proxy establishes a pf(4) rdr rule using the anchor facility to rewrite packets between the client and the server. Once the rule is
established, tftp-proxy forwards the initial request from the client to the server to begin the transfer. After transwait seconds, the pf(4)
NAT state is assumed to have been established and the rdr rule is deleted and the program exits. Once the transfer between the client and
the server is completed, the NAT state will naturally expire.
Assuming the TFTP command request is from $client to $server, the proxy connected to the server using the $proxy source address, and $port is
negotiated, tftp-proxy adds the following rule to the anchor:
rdr proto udp from $server to $proxy port $port -> $client
The options are as follows:
-v Log the connection and request information to syslogd(8).
-w transwait
Number of seconds to wait for the data transmission to begin before removing the pf(4) rdr rule. The default is 2 seconds.
CONFIGURATION
To make use of the proxy, pf.conf(5) needs the following rules. The anchors are mandatory. Adjust the rules as needed for your configuration.
In the NAT section:
nat on $ext_if from $int_if -> ($ext_if:0)
no nat on $ext_if to port tftp
rdr-anchor "tftp-proxy/*"
rdr on $int_if proto udp from $lan to any port tftp -> 127.0.0.1 port 6969
In the filter section, an anchor must be added to hold the pass rules:
anchor "tftp-proxy/*"
inetd(8) must be configured to spawn the proxy on the port that packets are being forwarded to by pf(4). An example inetd.conf(5) entry follows:
127.0.0.1:6969 dgram udp wait root /usr/libexec/tftp-proxy tftp-proxy
SEE ALSO
tftp(1), pf(4), pf.conf(5), ftp-proxy(8), inetd(8), syslogd(8), tftpd(8)
CAVEATS
tftp-proxy chroots to /var/empty and changes to user "proxy" to drop privileges.
BSD November 28, 2005 BSD