Kannanpl


Suggestion for Protecting Internet Gateway

Dear All,
I am basically an NT admin who has switched over to Linux.
Recently (Feb'2002), I converted my office network from a WinNT domain network to Linux.

     i) WinNT PDC replaced with Samba on Red Hat Linux 7.2
     ii) MS Proxy 2.0 replaced with Squid HTTP proxy on RH 7.2
     iii) Oracle 8i on NT replaced with Oracle 8i on Red Hat Linux 7.2

Everything is working smoothly with maximum load.

My Internet gateway is running on Red Hat Linux 7.2 and I am using an ISDN 64k dialup service to connect my office to the Internet. All the clients (Win9x, NT Workstation 4.0) are connected to the Internet through the Squid proxy.

Right now my Internet gateway is not protected with any antivirus software. So, I am getting all the Internet worms like w32@NIMDA.eml, w3@Klez.h, etc.

Moreover, my Samba log folder (/var/log/samba) on the Internet gateway shows logs for some computers which do not exist in my network. Moreover, the size of the log files is 0k. All the client systems have McAfee antivirus software. So, somehow I am managing my network from virus attack.

My questions are:

1) Which is the best antivirus software for protecting my network? Is there any free software available for the same? (Given the current financial situation, my company doesn't have enough funds for buying the same.) I can buy some commercial editions after 3 or 4 months only. So, please recommend some good free stuff available on the Net.

2) I want to check who is accessing my system, how they are accessing my resources, etc. (like security auditing in WinNT).

3) Moreover, my technical support team uses MSN Messenger Service and Yahoo Messenger Service to communicate with the clients in different parts of the country. The problem is that MSN Messenger is getting disconnected once every 2 minutes. How do I prevent frequent disconnection of MSN Messenger Service in the Squid proxy on Red Hat Linux 7.2?

With Advanced Thanks


P.L. Kannan



3) Whether my system is protected with

 
ASKER CERTIFIED SOLUTION
chris_calabrese

This solution is only available to members.
Kannanpl

ASKER

Hi chris calabrese,

Thanks for the useful information. Especially the website cissecurity.com is useful for me. I started exploring the same and will be implementing the Linux Benchmark 1.0 document at my server. Once again Thanks

P.L. Kannan


Hi all
Still I need more info. for my query.  Any valuable suggestion is invited.

Kannan
SOLUTION
This solution is only available to members.
Use a transparent NAT for the IM clients, and remove the proxy from their config. (Iptables|ipchains HOWTOs give a simple NAT config).

If you are NATing, then the worms should not bother you much. Just hide the samba shares from the internet (all file shares actually). A simple firewall should do that.

Run syslogd, and read your logs. /var/log has all the files you need. Just ensure that logging is on.

Again, you might want to install a Jabber server internally and use that for IM.
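
As an added illustration of the log review suggested above (not part of the original thread): a shell function that lists per-client files in /var/log/samba whose machine name is not in a host inventory, which is the situation the asker describes. It assumes smb.conf writes per-client logs with `log file = /var/log/samba/%m.log`; the function name and the inventory file are hypothetical.

```shell
#!/bin/sh
# Added example: list per-client Samba logs that do not match a known host.
# Assumption: smb.conf uses "log file = /var/log/samba/%m.log", so every
# machine that contacts smbd leaves a file named <machine>.log (older
# configurations use log.<machine>).

# unknown_samba_clients LOGDIR INVENTORY   (hypothetical helper)
# Prints "<name> <size-in-bytes>" for each client log whose machine name is
# not listed in INVENTORY (one hostname per line, case-insensitive,
# lines starting with '#' are comments).
unknown_samba_clients() {
    logdir=$1
    inventory=$2
    for f in "$logdir"/*; do
        [ -f "$f" ] || continue
        name=$(basename "$f")
        # Strip rotation suffixes, then the naming scheme around %m.
        name=${name%.old}
        name=${name%.[0-9]}
        name=${name%.log}
        name=${name#log.}
        name=$(printf '%s' "$name" | tr 'A-Z' 'a-z')
        # Skip the daemons' own logs.
        case $name in
            smbd|nmbd|winbindd|'') continue ;;
        esac
        # Known host? Compare whole lines, ignoring case and comments.
        if grep -v '^#' "$inventory" | tr 'A-Z' 'a-z' | grep -qxF -- "$name"; then
            continue
        fi
        size=$(wc -c < "$f" | tr -d ' ')
        echo "$name $size"
    done | sort -u
}

# When run as a script: sh audit.sh /var/log/samba /etc/known-hosts.txt
if [ "$#" -eq 2 ]; then
    unknown_samba_clients "$1" "$2"
fi
```

A name reported with size 0 means a machine with that NetBIOS name opened a connection to smbd but nothing was logged for it at the configured log level; on a gateway this usually indicates that the SMB ports are reachable from the Internet side.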
Ack, sorry for the double post. Bad connection.
Kannanpl:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
This question has been classified abandoned. I will make a recommendation to the moderators on its resolution in a week or two. I appreciate any comments that would help me to make a recommendation.
 

Unless it is clear to me that the question has been answered I will recommend delete. It is possible that a Grade less than A will be given if no expert makes a case for an A grade. It is assumed that any participant not responding to this request is no longer interested in its final disposition.

 
If the user does not know how to close the question, the options are here:
https://www.experts-exchange.com/help/closing.jsp
 
drewber
Split the points between myself and DVB
No comment has been added lately, so it's time to clean up this TA.
I will leave the following recommendation for this question in the Cleanup topic area:

Split: chris_calabrese {http:#7022120} & DVB {http:#7101399}

Please leave any comments here within the next four days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

paullamhkg
EE Cleanup Volunteer