[plug] Securing Redhat 9.0
Tomasz Grzegurzko
tomasz_g at arach.net
Wed Oct 19 09:56:04 WST 2005
At my old company I implemented
http://www.impsec.org/email-tools/procmail-security.html
And it worked _really_ well. Depends on the set up of your MTAs though..
Tomasz
Quoting Leon Brooks <leon at cyberknights.com.au>:
> On Tuesday 18 October 2005 22:22, Kathryn wrote:
> > I would also like to strip all their email attachments on the way
> > in or is that getting a bit harsh? And whitelisted internet access.
>
> Whoo! Atilla the Hen just arrived! (-:
>
> I would recommend scanning all inbound email (ClamAV will do fine, use
> FreshClam to keep it updated), and stripping executables (AMaViS will
> do this neatly) but you will get a lot of staff rensentment from
> whitelisting (what I call "French Foreign Legion" rules: "You shall do
> nothing except..."), which is generally a Very Bad Idea.
>
> Blacklisting the obvious ones and reading the Squid logs for new
> suggestions every so often wouldn't hurt. Does the office have an
> official Internet policy?
>
> Cheers; Leon
>
> --
> http://cyberknights.com.au/ Modern tools; traditional dedication
> http://plug.linux.org.au/ Member, Perth Linux User Group
> http://slpwa.asn.au/ Member, Linux Professionals WA
> http://osia.net.au/ Member, Open Source Industry Australia
> http://linux.org.au/ Member, Linux Australia
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://www.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au
>
More information about the plug
mailing list