Hi Volker,
The TIS FWTK is not longer for free use, i think.
The SuSE Proxy-Suite is a good Proxy Suite. If it is supporting Virus Scanner for
SMTP and FTP it would be a good solution.When you thinking about an Proxy for HTTP,
whats about User Timeline restrictions and Time based URL restriction for the HTTP use.
I am now using Squid. The best way, i think is, all from one hand wich is easylier to configure and
monitoring the activity on the web.
One thing i am missing in the Proxys is, that logging is not avaible on an SQL Database like Oracle, MS-SQL or
MY-SQL directly. Or i dont know how to set it up.
Collecting the data from the different logfile and make an report (even if it is done automaticly by scripts)
is an boring work. Has someone an idea about an solution ????
Did some one use the little brother program from kansmen (www.kansmen.com)???? This progie makes super
reports for outgoing traffic. Such reports you can create with the OLAP Service of MS-SQL 7.0 if there
is an way to import the data from the logfiles.
Are there any aditional tools for monitoring the incomming/outgoing Traffic with bandwidth use and reading the
logs made by ipchains and the proxysuite for easy reports creating?????
Iptraf, tcpdump...... are good tools, but i am looking for an all in one (eierlegendewollmilchsau) solution.
I think thats enough for today.
best regards
Stephan Gerling
-----Ursprüngliche Nachricht-----
Von: Volker Wiegand [SMTP:wiegand@suse.de]
Gesendet am: Dienstag, 1. Februar 2000 15:44
An: suse-security@suse.com
Cc: Maik Aussendorf
Betreff: Re: [suse-security] Application Firewall. (fwd)
Hi all,
sorry, I was not able to follow this list for a few days.
The TIS FWTK is a good starting point, but I see one difficulty: you are
not allowed to provide support for it (we went through it with NAI before)
which is the reason why I wrote the FTP-Proxy. Apart from that, the FWTK
lacks some concepts I wanted to have: LDAP-config, RegEx for FTP-Cmds, GNU
AutoConf, and several others. Anyone can use the FWTK, but they have to do
all changes on their own.
The SuSE Proxy-Suite is an ongoing project with new components right now
being worked on. Next to release are a Virus-Scanner for SMTP and FTP,
plus proxies for Telnet (incl. S/Key), SSH, LDAP, and a Generic-Proxy (a
la Plug-GW). All of those are nearly finished. If I only had more time to
spend on it, there would be way more components available by now.
I am also thinking about an HTTP proxy with a config interface (LDAP) what
to allow/forbid, based upon URL+Client+Protocol (like JavaScript, ActiveX,
...). Dunno if this would be regarded as useful?
I am wide open for suggestions what to do additionally (best would be more
contributors of course :-) or any changes in priority. Just let me know.
Please include my address directly, as I might not always be reading each
and every posting on the list [Sorry].
Maik Außendorf
Is the SuSE Proxy Suite it too ???? Well, the SuSE Proxy Suite contains yet only an FTP Proxy, see http://proxy-suite.suse.de
What is about NNTP, SMTP, Netmeeting, Telnet.... Are there Proxy´s too ????
Hmm, what about the TIS FWTK (www.fwtk.org) or the Juniper Firewall from Obtuse (www.obtuse.com/open_source/). Imho there's a lack of (good) Application Gateways for Linux - but maybe this changes with the SuSE Proxy Suite?! :-)
What´s about Virus/Trojan or ActiveX and Script Scanning on an Firewall Gateway under Linux. Are there any tools avaible for free or only commercial Produkts ???
Commercial: Trend Micro's InterScan VirusWall (www.antivirus.com), but it does not work with SuSE 6.2 (I have reports, that it does not work with 6.3, too), because it was developed for RedHat 6.x (I hate it, if software does only run with a specific Linux distro). Well, limited to eMail Gateway, either AMaViS (GPL), IspMailGate, Scan4Virus (GPL) or H+B EDV AvGuard (commercial, imho). AMaViS can be found at http://amavis.org - but please have a look at http://www.ce.is.fh-furtwangen.de/~link/security/amavis-patch.php3 and especially http://www.unixzone.com/virus/ IspMailGate is a Perl Module, see (your local) CPAN-Archive. Scan4Virus (works only with qmail), see http://www.geocities.com/jhaar/scan4virus/ AvGate is still beta (currently 0.7, IIRC), see ftp.antivir.de/linux/ I would recommend AMaViS, but, well, I'm biased :-) You may also have a look at: http://www.ce.is.fh-furtwangen.de/~link/security/av-linux.php3 http://www.ce.is.fh-furtwangen.de/~link/security/hotlist.php3#Linux HTH best regards, Rainer Link Maintainer Mini-FAQ "Antivirus software for Linux" Member of the AMaViS Development Group -- Rainer Link, eMail: linkra@fh-furtwangen.de, WWW: http://rainer.w3.to/ Student of Communication Engineering/Computer Networking, University of Applied Sciences,Furtwangen,Germany,http://www.ce.is.fh-furtwangen.de/ --------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com --------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com