NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > SuSE Linux> 2000-q1

Subject: Re: [suse-security] Application Firewall. (fwd)
From: Volker Wiegand (wiegandsuse.de)
Date: Tue Feb 01 2000 - 08:43:56 CST

Next message: Stephan Gerling: "AW: [suse-security] Application Firewall. (fwd)"
Previous message: Till Franke: "Re: [suse-security] SMTP with SSL [was: [suse-security] POP3 with Outlook SSL]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi all,

sorry, I was not able to follow this list for a few days.

The TIS FWTK is a good starting point, but I see one difficulty: you are
not allowed to provide support for it (we went through it with NAI before)
which is the reason why I wrote the FTP-Proxy. Apart from that, the FWTK
lacks some concepts I wanted to have: LDAP-config, RegEx for FTP-Cmds, GNU
AutoConf, and several others. Anyone can use the FWTK, but they have to do
all changes on their own.

The SuSE Proxy-Suite is an ongoing project with new components right now
being worked on. Next to release are a Virus-Scanner for SMTP and FTP,
plus proxies for Telnet (incl. S/Key), SSH, LDAP, and a Generic-Proxy (a
la Plug-GW). All of those are nearly finished. If I only had more time to
spend on it, there would be way more components available by now.

I am also thinking about an HTTP proxy with a config interface (LDAP) what
to allow/forbid, based upon URL+Client+Protocol (like JavaScript, ActiveX,
...). Dunno if this would be regarded as useful?

I am wide open for suggestions what to do additionally (best would be more
contributors of course :-) or any changes in priority. Just let me know.
Please include my address directly, as I might not always be reading each
and every posting on the list [Sorry].

Maik Außendorf <Maik.Aussendorfsuse.de> is our expert for virus scanners.
If not done already, anybody interested in the topic might want to contact
him.

Volker

-- Volker Wiegand Phone: +49 (0) 6196 / 50951-24 SuSE Rhein/Main AG Fax: +49 (0) 6196 / 40 96 07 Mergenthalerallee 45-47 Mobile: +49 (0) 179 / 292 66 76 D-65760 Eschborn E-Mail: Volker.Wiegand

suse.de ++ Only users lose drugs. Or was it the other way round? ++

---------- Forwarded message ---------- Date: Mon, 10 Jan 2000 11:15:18 +0100 From: Rainer Link <linkfoo.fh-furtwangen.de> To: suse-securitysuse.com Subject: Re: [suse-security] Application Firewall.

Stephan Gerling wrote:

Hi!

> Is the SuSE Proxy Suite it too ???? Well, the SuSE Proxy Suite contains yet only an FTP Proxy, see http://proxy-suite.suse.de

> What is about NNTP, SMTP, Netmeeting, Telnet.... Are there Proxy´s too ????

Hmm, what about the TIS FWTK (www.fwtk.org) or the Juniper Firewall from Obtuse (www.obtuse.com/open_source/). Imho there's a lack of (good) Application Gateways for Linux - but maybe this changes with the SuSE Proxy Suite?! :-)

> What´s about Virus/Trojan or ActiveX and Script Scanning on an Firewall Gateway under Linux. > Are there any tools avaible for free or only commercial Produkts ???

Commercial: Trend Micro's InterScan VirusWall (www.antivirus.com), but it does not work with SuSE 6.2 (I have reports, that it does not work with 6.3, too), because it was developed for RedHat 6.x (I hate it, if software does only run with a specific Linux distro).

Well, limited to eMail Gateway, either AMaViS (GPL), IspMailGate, Scan4Virus (GPL) or H+B EDV AvGuard (commercial, imho). AMaViS can be found at http://amavis.org - but please have a look at http://www.ce.is.fh-furtwangen.de/~link/security/amavis-patch.php3 and especially http://www.unixzone.com/virus/ IspMailGate is a Perl Module, see (your local) CPAN-Archive. Scan4Virus (works only with qmail), see http://www.geocities.com/jhaar/scan4virus/ AvGate is still beta (currently 0.7, IIRC), see ftp.antivir.de/linux/

I would recommend AMaViS, but, well, I'm biased :-)

You may also have a look at: http://www.ce.is.fh-furtwangen.de/~link/security/av-linux.php3 http://www.ce.is.fh-furtwangen.de/~link/security/hotlist.php3#Linux

HTH

best regards, Rainer Link Maintainer Mini-FAQ "Antivirus software for Linux" Member of the AMaViS Development Group

-- Rainer Link, eMail: linkrafh-furtwangen.de, WWW: http://rainer.w3.to/ Student of Communication Engineering/Computer Networking, University of Applied Sciences,Furtwangen,Germany,http://www.ce.is.fh-furtwangen.de/

--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribesuse.com For additional commands, e-mail: suse-security-helpsuse.com

Next message: Stephan Gerling: "AW: [suse-security] Application Firewall. (fwd)"
Previous message: Till Franke: "Re: [suse-security] SMTP with SSL [was: [suse-security] POP3 with Outlook SSL]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]