Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: ghe (gheslsware.com)
Date: Thu Mar 26 2009 - 08:49:25 CDT
-----BEGIN PGP SIGNED MESSAGE-----
Ivan Ricotti wrote:
>> 1, Eliminate windows users from your network.
> Yeah! I really would like to! :D
> Sadly, I can't... :'(
There's a rule in my (Cisco) border router that allows only the DMZ
mailserver to connect to port 25 outside my net. That would kill some of
the things I've heard about (we don't have MS bits on our nets :-)
And, if you're doing Linux, there's an iptables module called 'recent'.
It's usually used to protect against brute force attacks from the 'Net,
but it could be used on the incoming side of a packet filter on the DMZ
mailserver to prevent huge emailings from inside:
And, of course, both IOS and recent/iptables can log the offenders and
let you know who must be punished...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----