
Suggestion for Protecting Internet Gateway

Posted on 2002-05-20
Last Modified: 2013-12-15
Dear All,
I am basically an NT admin who switched over to Linux.
Recently (Feb 2002), I converted my office network from a WinNT domain network to Linux.

     i) WinNT PDC replaced with Samba on Red Hat Linux 7.2
     ii) MS Proxy 2.0 replaced with Squid HTTP proxy on RH 7.2
     iii) Oracle 8i on NT replaced with Oracle 8i on Red Hat Linux 7.2

Everything is working smoothly with maximum load.

My Internet gateway is running on Red Hat Linux 7.2 and I am using an ISDN 64k dial-up service to connect my office to the Internet. All the clients (Win9x, NT Workstation 4.0) are connected to the Internet through the Squid proxy.

Right now my Internet gateway is not protected with any antivirus software. So, I am getting all Internet worms like w32@NIMDA.eml, w3@Klez.h, etc.

Moreover, my Samba log folder (/var/log/samba) on the Internet gateway shows some computer logs which were not existing in my network. Moreover, the size of the log file is 0k. All the client systems have McAfee antivirus software. So, somehow I am managing my network from virus attack.

My question is

1) Which is the best antivirus software for protecting my network? Is there any free software available for the same? (As of the current financial situation my company doesn't have enough funds for buying the same.) I can buy some commercial editions after 3 or 4 months only. So, please recommend some good free stuff available on the Net.

2) I want to check who is accessing my system, how they are accessing my resources, etc. (like security auditing in WinNT).

3) Moreover, my technical support team uses MSN Messenger Service and Yahoo Messenger Service to communicate with the clients in different parts of the country. The problem is MSN Messenger is getting disconnected once every 2 minutes. How to prevent frequent disconnection of MSN Messenger Service in the Squid proxy on Red Hat Linux 7.2?

With Advanced Thanks


P.L. Kannan



3) Whether my system is protected with

 
Question by:Kannanpl
 
LVL 14

Accepted Solution

by:
chris_calabrese earned 300 total points
ID: 7022120
First off, I noticed that you entered this question twice, so you might want to go and delete one of them.

Meanwhile...

1.  There are lots of A/V solutions out there, but I'm not directly familiar with any free ones for Linux.  I got the following pointers by searching for 'free antivirus linux' on google, however:
http://www.homenethelp.com/web/howto/free-antivirus.asp
http://www.learninglinux.com/article.php?sid=77
http://www.freebyte.com/antivirus/

2.  There are various auditing and logging functions in Linux, Samba, Squid, etc.  For Linux stuff, you should look at the Center for Internet Security Linux Benchmark (http://www.cisecurity.org/).  For Samba stuff, how to turn on maximal logging should be obvious in the admin GUI.  I haven't used Squid, so I won't comment there.

3.  I haven't used Squid, so I can't help out too much here, but I'm guessing this happens when the session has been idle.  You might want to look in the docs/FAQ's for related info.
0
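
For the auditing point in the answer above and the question's report of unfamiliar machines under /var/log/samba, here is an added example (not part of the original thread) that compares Samba's per-client log files against a list of known hosts. It assumes smb.conf uses `log file = /var/log/samba/%m.log`, so each connecting client gets a file named after its NetBIOS name or IP address; the inventory file format and all sample names are constructed for the example.

```shell
#!/bin/sh
# Added example: flag Samba per-client logs whose client is not in an inventory.
# Assumption: smb.conf has "log file = /var/log/samba/%m.log".

# unknown_samba_clients LOGDIR INVENTORY
# INVENTORY holds one known machine name per line; lines starting with '#'
# are comments. Prints "<client> <log-size-in-bytes>" per unexpected client.
unknown_samba_clients() {
    logdir=$1
    known=$(grep -v '^#' "$2" | tr 'A-Z' 'a-z')
    for f in "$logdir"/*.log; do
        [ -f "$f" ] || continue                  # glob matched nothing
        client=$(basename "$f" .log | tr 'A-Z' 'a-z')
        case "$client" in smbd|nmbd) continue ;; esac   # daemon logs
        # Exact, case-insensitive match against the inventory
        if ! printf '%s\n' "$known" | grep -qxF -- "$client"; then
            printf '%s %s\n' "$client" "$(wc -c < "$f" | tr -d ' ')"
        fi
    done
}

# Constructed sample data: two inventory hosts plus two clients that are not
# in the inventory, one of them with a zero-byte log as in the question.
demo_audit() {
    d=$(mktemp -d) || return 1
    printf '# office PCs\nACCOUNTS1\nSUPPORT2\n' > "$d/inventory"
    mkdir "$d/samba"
    echo 'connect to service data' > "$d/samba/accounts1.log"
    : > "$d/samba/support2.log"
    : > "$d/samba/smbd.log"
    : > "$d/samba/203.0.113.77.log"
    echo 'x' > "$d/samba/wks-unknown.log"
    unknown_samba_clients "$d/samba" "$d/inventory"
    rm -rf "$d"
}

# Real use: sh audit.sh /var/log/samba /etc/samba/known-hosts
if [ "$#" -eq 2 ]; then unknown_samba_clients "$@"; fi
```

A client that shows up as an IP address rather than a machine name, or that is not in the inventory at all, is worth checking against the gateway's external interface and firewall rules.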
 

Author Comment

by:Kannanpl
ID: 7026284
Hi chris calabrese,

Thanks for the useful information. Especially the website cissecurity.com is useful for me. I started exploring the same and will be implementing the Linux Benchmark 1.0 document at my server. Once again Thanks

P.L. Kannan

0
 

Author Comment

by:Kannanpl
ID: 7026289

Hi all
Still I need more info. for my query.  Any valuable suggestion is invited.

Kannan
0
 
LVL 3

Assisted Solution

by:DVB
DVB earned 300 total points
ID: 7101399
Use a transparent NAT for the IM clients, and remove the proxy from their config. (Iptables|ipchains HOWTOs give a simple NAT config).

If you are NATing, then the worms should not bother you much. Just hide the samba shares from the internet (all file shares actually). A simple firewall should do that.

Run syslogd, and read your logs. /var/log has all the files you need. Just ensure that logging is on.

Again, you might want to install a Jabber server internally and use that for IM.
0
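
The NAT-plus-firewall arrangement described in the answer above, written out as an added example (not DVB's own configuration): a function that emits an iptables-restore ruleset masquerading the LAN behind the dial-up link, dropping everything unsolicited from the Internet side, and logging NetBIOS/SMB probes so they show up in syslog. The interface names `ippp0` and `eth0` and the network `192.168.1.0/24` are assumptions for illustration.

```shell
#!/bin/sh
# Added example: generate a gateway ruleset for iptables-restore.
# gateway_rules EXT_IF LAN_IF LAN_NET
gateway_rules() {
    ext_if=$1; lan_if=$2; lan_net=$3
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# LAN clients (including IM clients taken off the proxy) leave via NAT
-A POSTROUTING -s $lan_net -o $ext_if -j MASQUERADE
COMMIT
*filter
# Default-drop: nothing from the Internet side reaches Samba or Squid
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i $lan_if -s $lan_net -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Log NetBIOS/SMB probes from outside before the policy drops them
-A INPUT -i $ext_if -p udp -m multiport --dports 137,138 -j LOG --log-prefix "SMB-EXT "
-A INPUT -i $ext_if -p tcp -m multiport --dports 139,445 -j LOG --log-prefix "SMB-EXT "
# Forward only LAN-originated traffic and its replies
-A FORWARD -i $lan_if -o $ext_if -s $lan_net -j ACCEPT
-A FORWARD -i $ext_if -o $lan_if -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Review the output first, then load it as root:
#   sh gateway.sh ippp0 eth0 192.168.1.0/24 | iptables-restore
if [ "$#" -eq 3 ]; then gateway_rules "$@"; fi
```

On the Samba side, setting `bind interfaces only = yes` with `interfaces` limited to the LAN adapter keeps smbd off the dial-up link as a second layer.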
 
LVL 3

Expert Comment

by:DVB
ID: 7101400
Use a transparent NAT for the IM clients, and remove the proxy from their config. (Iptables|ipchains HOWTOs give a simple NAT config).

If you are NATing, then the worms should not bother you much. Just hide the samba shares from the internet (all file shares actually). A simple firewall should do that.

Run syslogd, and read your logs. /var/log has all the files you need. Just ensure that logging is on.

Again, you might want to install a Jabber server internally and use that for IM.
0
 
LVL 3

Expert Comment

by:DVB
ID: 7101401
Ack, sorry for the double post. Bad connection.
0
 

Expert Comment

by:CleanupPing
ID: 9077008
Kannanpl:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0
 
LVL 1

Expert Comment

by:drewber
ID: 9220376
This question has been classified abandoned. I will make a recommendation to the moderators on its resolution in a week or two. I appreciate any comments that would help me to make a recommendation.
 

Unless it is clear to me that the question has been answered I will recommend delete. It is possible that a Grade less than A will be given if no expert makes a case for an A grade. It is assumed that any participant not responding to this request is no longer interested in its final disposition.

 
If the user does not know how to close the question, the options are here:
http://www.experts-exchange.com/help/closing.jsp
 
drewber
0
 
LVL 14

Expert Comment

by:chris_calabrese
ID: 9223782
Split the points between myself and DVB
0
 
LVL 12

Expert Comment

by:paullamhkg
ID: 10380064
No comment has been added lately, so it's time to clean up this TA.
I will leave the following recommendation for this question in the Cleanup topic area:

Split: chris_calabrese {http:#7022120} & DVB {http:#7101399}

Please leave any comments here within the next four days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

paullamhkg
EE Cleanup Volunteer
0
