> I use FireHOL, I leave most outgoing rules wide open. I block port 80 so
> I can run it through a proxy for filtering purposes (I hate ads and it
> won't be long before my kids are old enough to need some controls) and
> port 25 for obvious reasons.

That is only half a firewall. Sure, you are protecting your computers from the Internet, but you're neither protecting the Internet from your computers, nor arranging for alarms to go off when your computers behave unexpectedly.

What is stopping your machines from getting a zombie Trojan which connects out to IRC servers to receive instructions?

My intent at the time was to lock down the network and the computers so that the software I was running would have exactly the access required to do the work expected of them.

In an ideal world, I'd be able to specify (as a simplified example) that Firefox is allowed to make requests on port 80 to the proxy server, and nowhere else - this rule being enforced on the host as well as the firewall (only the proxy is allowed to make requests outside the network).
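As an added example (not code from anyone in this thread), here is the "alarms go off" half of that: a Python check over the iptables LOG lines that a FireHOL `log` rule writes for traffic on the LAN-to-Internet path, applying an expected-egress policy (only the proxy may reach the web, every host may query one resolver) and flagging a host that keeps retrying the same unexpected destination, the way a zombie looking for its IRC server would. The log lines, addresses and policy are all constructed assumptions.

```python
import re
from collections import Counter

# Constructed sample: kernel log lines as emitted by an iptables LOG target that a
# FireHOL "log" parameter attaches to the LAN-to-Internet router rule. Real lines
# carry more fields (LEN, TTL, ...); the parser only looks at the ones used here.
SAMPLE_LOG = """\
Jan 12 03:14:07 fw kernel: egress: IN=eth0 OUT=eth1 SRC=192.168.1.2 DST=203.0.113.9 PROTO=TCP SPT=40212 DPT=80
Jan 12 03:14:08 fw kernel: egress: IN=eth0 OUT=eth1 SRC=192.168.1.23 DST=198.51.100.7 PROTO=TCP SPT=51000 DPT=6667
Jan 12 03:14:09 fw kernel: egress: IN=eth0 OUT=eth1 SRC=192.168.1.23 DST=198.51.100.7 PROTO=TCP SPT=51001 DPT=6667
Jan 12 03:14:10 fw kernel: egress: IN=eth0 OUT=eth1 SRC=192.168.1.23 DST=198.51.100.53 PROTO=UDP SPT=5353 DPT=53
Jan 12 03:14:11 fw kernel: egress: IN=eth0 OUT=eth1 SRC=192.168.1.23 DST=198.51.100.7 PROTO=TCP SPT=51002 DPT=6667
Jan 12 03:14:12 fw kernel: egress: IN=eth0 OUT=eth1 SRC=192.168.1.40 DST=203.0.113.25 PROTO=TCP SPT=33000 DPT=25
"""

PROXY = "192.168.1.2"        # assumed address of the filtering web proxy
RESOLVER = "198.51.100.53"   # assumed upstream DNS resolver
# Expected egress as (src or "*", proto, dst or "*", dport): only the proxy
# talks to the web, and every host may query the one resolver.
ALLOWED = {
    (PROXY, "TCP", "*", 80),
    (PROXY, "TCP", "*", 443),
    ("*", "UDP", RESOLVER, 53),
}

FIELD_RE = re.compile(r"\b(SRC|DST|PROTO|DPT)=(\S+)")

def parse_line(line):
    """Return (src, proto, dst, dport) from a LOG line, or None if it is not one."""
    fields = dict(FIELD_RE.findall(line))
    if any(k not in fields for k in ("SRC", "DST", "PROTO")):
        return None
    return fields["SRC"], fields["PROTO"], fields["DST"], int(fields.get("DPT", 0))

def is_allowed(flow, allowed=ALLOWED):
    src, proto, dst, dport = flow
    return any(a_src in ("*", src) and a_proto == proto
               and a_dst in ("*", dst) and a_port == dport
               for a_src, a_proto, a_dst, a_port in allowed)

def unexpected_flows(log_text, allowed=ALLOWED):
    """Count outbound flows that fall outside the expected-egress policy."""
    flows = (parse_line(line) for line in log_text.splitlines())
    return Counter(f for f in flows if f and not is_allowed(f, allowed))

def beacons(counts, threshold=3):
    """Unexpected flows repeated at least `threshold` times: the phone-home pattern."""
    return sorted(f + (n,) for f, n in counts.items() if n >= threshold)
```

`beacons(unexpected_flows(SAMPLE_LOG))` is what you would feed to whatever raises the alarm; the single SMTP attempt from the third host is still reported by `unexpected_flows`, just not as a beacon.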

