[Samba] RE: Help with virus/hackers

Chris Traylor ctraylor at phalanyx.com
Thu Apr 17 20:30:09 GMT 2003 

On Thu, 2003-04-17 at 16:14, Matt Schillinger wrote:
> > ----------
> > From: 	Matt Schillinger[SMTP:MSCHILLI at VSS.FSI.COM]
> > Sent: 	Thursday, April 17, 2003 4:14:29 PM
> > To: 	Chris Traylor
> > Cc: 	Samba Lists
> > Subject: 	RE: [Samba] RE: Help with virus/hackers
> > Auto forwarded by a Rule
> > 
> On your firewall, forward all http traffic NOT sourced from your proxy
> server, back to your proxy server. Then all your clients will be forced
> through the proxy.
This is quickly getting off topic, and we should probably have this
discussion off the list, but you know as well as I do, that your method
won't work either. Your kid could always run through a different "proxy"
on that machine bypassing your ruleset, and make it look like he/she's
coming from there. But like I said, this has nothing to do with samba.

> 
> Matt Schillinger
> mschilli at vss.fsi.com
> 
> 
> On Thu, 2003-04-17 at 14:53, Chris Traylor wrote:
> > On Thu, 2003-04-17 at 15:31, Coreix Systems - Unix - Linux Development &
> > Internetworking Engineers wrote:
> > > > ----------
> > > > From: 	Coreix Systems - Unix - Linux Development & Internetworking Engineers[SMTP:LISTS at COREIXSYSTEMS.COM.AU]
> > > > Sent: 	Thursday, April 17, 2003 3:31:32 PM
> > > > To: 	Kenny Mann
> > > > Cc: 	Samba Lists
> > > > Subject: 	RE: [Samba] RE: Help with virus/hackers
> > > > Auto forwarded by a Rule
> > > > 
> > > Yes, Just get a PCMCIA Flash card, You can get them to about 2GB now, and a
> > > PCI - PCMCIA card, and
> > > plug it in, I have some code i wrote about 4 years ago to store access control
> > > log's to a building on a
> > > PCMCIA card so it could be taken off site and graphed, who when in at what
> > > day:date:time && exit_time....
> > > 
> > > 
> > > But why, You can use Squid Proxy cache and Webalizer or Awstats to monitor the
> > > kid's, And do a HTTP URI Deny and have a "Porn" list, which you can download
> > > from particular sites of known porn sites, "if that's what you want to deny"...
> > > Or just look at the Webalizer log's
> > Provided that your kids aren't savvy enough to change/remove the proxy
> > server settings.
> > 
> > > 
> > > http://www.mrunix.net/webalizer/
> > > http://awstats.sourceforge.net/
> > > 
> > > Not quite sure of the purpose here....?
> > > 
> > > Regards,
> > > 
> > > Craig R. Marshall
> > > B.E (Hons), M.Eng.Sc., CCNA
> > > Senior Software, IP Telecommunications
> > > & Terrestrial Systems Engineer.
> > > Coreix Systems Australia
> > > mailto:craigrm at coreixsystems.com.au
> > > http://www.coreixsystems.com
> > > 
> > > ================================================================================
> > > ==================
> > > Disclaimer: No guarantee is made that this email is free of computer viruses or
> > > other defects.
> > > We suggest that any attachments be scanned using appropriate virus detection
> > > software before use.
> > > We will accept no liability for any loss or damage, which may result directly or
> > > indirectly from
> > > opening or using any such attachment. This e-mail is confidential. If you
> > > received this in error,
> > > please notify the author by replying to this e-mail or advise us by telephone on
> > > (+618) 9490 6698.
> > > 
> > > Privacy Policy: Coreix Systems is committed to protecting your privacy. If at
> > > any time you choose
> > > not to receive information from us, or you wish to amend your personal
> > > information, please notify
> > > Coreix Systems directly on (+618) 9490 6698, email
> > > mailto:privacy at coreixsystems.com.au or by post
> > > to: Coreix Systems : PO Box 252, Maddington, Perth - Western Australia,
> > > AUSTRALIA 6989. Thank you.
> > > ================================================================================
> > > ==================
> > > 
> > > {-----Original Message-----
> > > {From: samba-bounces+lists=coreixsystems.com.au at lists.samba.org
> > > {[mailto:samba-bounces+lists=coreixsystems.com.au at lists.samba.org]On
> > > {Behalf Of Kenny Mann
> > > {Sent: Friday, 18 April 2003 12:34 AM
> > > {To: John Bradford; Alan Cox
> > > {Cc: joe briggs; samba at lists.samba.org; root at chaos.analogic.com;
> > > {linux-kernel at vger.kernel.org
> > > {Subject: [Samba] RE: Help with virus/hackers
> > > {
> > > {
> > > {>I've often wondered whether it would be worth connecting a
> > > {>very large serial EEPROM to a serial port interface, and
> > > {>have it effectively appear as a solid state printer, (to
> > > {>that you could cheaply log to an unmodifyable device).
> > > {>Has anybody ever tried this?
> > > {
> > > {>John.
> > > {
> > > {Dot Matrix or an old printer would come in handy here with
> > > {a (near-)infinite number of paper feed. :-)
> > > {A friend of mine has done the same thing, except with web logs.
> > > {Mostly so he can watch where his children go, however the same
> > > {could be done about hackers. Only exception is if someone knows
> > > {about it. If they know about it, most likely they know someone
> > > {who has physical access. If it was a rootkit that got you, then
> > > {you are safe. I'm sure the rest should be obvious.
> > > {
> > > {In a nutshell... Yes it can be done and is one of the safer
> > > {methods, but more paranoid (which can be a good thing :-)
> > > {
> > > {
> > > {If you desire to know the method to accomplish this, I would
> > > {be happy to give them to you.
> > > {
> > > {
> > > {Another method, that just popped to mind, is perhaps having
> > > {Some form of a network share somewhere to which only write access
> > > {Is granted. No on could list the files, no one could read the files
> > > {(except for admin of course!). I'm unsure if it's possible to allow
> > > {Only additions to files and no deletions... Just a thought.
> > > {
> > > {Samba Masters> Would this be possible via samba?
> > > {
> > > {--KM
> > > {--
> > > {To unsubscribe from this list go to the following URL and read the
> > > {instructions:  http://lists.samba.org/mailman/listinfo/samba
> > > {
> > > {
> > -- 
> > Chris Traylor <ctraylor at phalanyx.com>
> > 
> > -- 
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  http://lists.samba.org/mailman/listinfo/samba
-- 
Chris Traylor <ctraylor at phalanyx.com>

More information about the samba mailing list