[plug] Securing Redhat 9.0
Leon Brooks
leon at cyberknights.com.au
Wed Oct 19 07:11:10 WST 2005
On Tuesday 18 October 2005 22:22, Kathryn wrote:
> I would also like to strip all their email attachments on the way
> in or is that getting a bit harsh? And whitelisted internet access.
Whoo! Atilla the Hen just arrived! (-:
I would recommend scanning all inbound email (ClamAV will do fine, use
FreshClam to keep it updated), and stripping executables (AMaViS will
do this neatly) but you will get a lot of staff rensentment from
whitelisting (what I call "French Foreign Legion" rules: "You shall do
nothing except..."), which is generally a Very Bad Idea.
Blacklisting the obvious ones and reading the Squid logs for new
suggestions every so often wouldn't hurt. Does the office have an
official Internet policy?
Cheers; Leon
--
http://cyberknights.com.au/ Modern tools; traditional dedication
http://plug.linux.org.au/ Member, Perth Linux User Group
http://slpwa.asn.au/ Member, Linux Professionals WA
http://osia.net.au/ Member, Open Source Industry Australia
http://linux.org.au/ Member, Linux Australia
More information about the plug
mailing list