* Darrell Cormier; on 26 Sep, 2003 wrote:

Carlos E. R. wrote: My understanding of a good approach follows:

1. Firewall (of course, although I have not gotten there yet) 2. postfix - setup and operational 3. antivirus software (I've heard recommended: F-prot, antivir, and clam antivirus. Comments on these appreciated) 4. SpamAssassin 5. Amavis

And then make them all work together. Is this a good/safe approach? Any information on this will be greatly appreciated. I am also struggling through the man pages of some of these. Are there any good references available on the web for getting all this configured? I know that Togan has a great guide for firewall2 which I am currently reading, but how about the rest of these and making it all work together?

I would go for a Proxy Setup for the services I will be accessing on the internet and also would again choose Proxy setup for the services I will be offering to the internet. 1. Firewall Following the Unofficial guide should get you up and running 2,3,4,5) As I see it, all Mail Transport Agents (postfix, sendmail) are actually do proxying (they relay mail for other MTA). Use fetchmail to download the mail from your ISP, let it hand it over to postfix which should hand it over to content filter (antivir is free for private use) and let the content filter deliver the mail to postfix which should relay it to your internal mail server. Use squid for http proxying, use ftp-proxy which comes with proxy-suite for ftp access. I use tircproxy for IRC proxying Use Xntp for time setup and configure the on on the firewall to get synced with pool.ntp.org and then allow it to act as a time server for your internal machines. Make sure you chroot all services you are offering Himm maybe I should start writing a guide on this subject rather than preparing the final version of the susefirewall2 guide. Have nice weekend -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://dinamizm.ath.cx

* Darrell Cormier; on 26 Sep, 2003 wrote:

Can this set up be configured on a stand alone box? By this, I mean that I have only one PC which I dual boot between WinXP (as seldom as possible) and SuSE 8.2. I know this will not work when I boot up into windows but will it work fine in Linux or is it not feasible.

I personally would not recommend this option, although it will work in Linux

OR

Would it be much more efficient and robust if I had a second computer (even if it were a Pentium MMX) that was primarily for this firewall/antivir/mail_server/proxy/router purpose.

Please give me your feelings on both options.

This is what I would go for as with my desktop, be it WinXP or SuSE I can surf with a feeling of being secure, reading my mails without the worry of a nasty virus ( make sure you update the antivirus frequently and do not open attachments you are unsure) If you install a IMAP server on the firewall then you can have all your mails available to you on both systems. Make sure it is secured. As a paranoiac, yes I can be case study, all the internal LAN machines are firewalled as well along with antivirus software on every single one of them regardless of the operating system they run. Night time reading must Building Internet Firewalls, Second Edition By Elizabeth D. Zwicky, Simon Cooper, & D. Brent Chapman Start with the sample chapter http://www.oreilly.com/catalog/fire2/chapter/ch13.html Happy reading :-) -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://dinamizm.ath.cx

On Friday 26 September 2003 11:11 am, Darrell Cormier wrote:

Carlos E. R. wrote:

...

The 03.09.23 at 23:55, Vitaly Shishakov wrote:

...

Just as, probably, some of you, i am tired of getting tons of 150kb messages containg yet-another-worm-for windows. Does anybody have a good advise about how could i use my procmail on my server to filter it out?

Search the list, this has been comented several times this month - two by me self this week.

Carlos, and everyone, Since we are again on this subject, and I know this has been addressed a great deal, but I am still a little fuzzy/confused about the whole email/network security approach. I have been trying to read various articles found on the web but I'll admit I am a bit new to admin activities as well as apprehensive until I have a very thorough understanding of the approach. I am currently just using Mozilla to access my ISPs mail server directly. This, I know is not a very good approach and I intend to change it once I have the process down pat.

My understanding of a good approach follows:

1. Firewall (of course, although I have not gotten there yet)

Definitely... I use shorewall

2. postfix - setup and operational

Good but you can receive mail without it.

3. antivirus software (I've heard recommended: F-prot, antivir, and clam antivirus. Comments on these appreciated)

I personally don't think it's necessary and don't ever filter for virii.

4. SpamAssassin

Very good. And you'll probably need procmail in order to call SA.

5. Amavis

Isn't this a virus checker? You'll probably also want fetechmail to get incoming mail from your ISP.

And then make them all work together. Is this a good/safe approach? Any information on this will be greatly appreciated. I am also struggling through the man pages of some of these. Are there any good references available on the web for getting all this configured? I know that Togan has a great guide for firewall2 which I am currently reading, but how about the rest of these and making it all work together?

TIA, Darrell Cormier

-- +----------------------------------------------------------------------------+ + Bruce S. Marshall bmarsh@bmarsh.com Bellaire, MI 09/26/03 11:55 + +----------------------------------------------------------------------------+ "We seem to believe it is possible to ward off death by following rules of good grooming." - Don Delillo