Firewall Wizards mailing list archives
RE: [OT]Virus/File scanning on *nix servers
From: Michael Walter <walterm () Gliatech com>
Date: Wed, 21 Mar 2001 14:36:32 -0500
Trend Micro http://www.antivirus.com makes an excellent(IMHO) virus scanner for firewalls. It scans http/smtp/ftp, works on aix/linux/solaris/nt and allows blocking of file attachments by file type. You can get a demo from their web site. I currently have it deployed on the gateway for a 100 user network running on a custom linux box and I haven't had a problem with it. Hope that helps, Michael J. Walter rhce mcdba mcse+i a+ Network Administrator Gliatech, Inc. 23420 Commerce Park Rd. Beachwood, Ohio 44122 Tel: (216) 831-3200 Email: walterm () gliatech com -----Original Message----- From: Bob Washburne [mailto:rcwash () concentric net] Sent: Wednesday, March 21, 2001 10:06 AM To: firewall-wizards () nfr com Subject: [fw-wiz] [OT]Virus/File scanning on *nix servers Please forgive the slightly off toppic post, but this seemed to be a good group of people to ask and the application is more firewall-ish than it is proxy-ish. Can anyone point me to an available program which will scan both files and emails for both attached virus and file types (such as *.VBS) on a *nix system (probably AIX or Linux)? The Situation: ============= Company A uses Microsoft Exchange for its email. They have set up three layers of virus defence; scanning at the firewall, the Exchange server and the client. The scanning at the firewall and server levels strips out any file or attachment with a given extention, .VBS for example. This removes new hostile scripts before the virus scanners have a profile defined. Company A now hires Company B to provide on-site support. Company B uses Lotus Notes for its internal communication. Normally, Company B provides a VPN to its onsite employees so that they may communicate with the rest of Company B. But that, added to the fact that Lotus Notes uses a proprietary protocol, creates a tunnel through the existing firewall and server scanners. Company A requires that ALL files be scanned before they are allowed into the LAN. Mearly haveing a client-side scanner is insufficient for Company A. Haveing stand-alone kiosk systems (not connected to the LAN) with a modem is not sufficient for Company B (all of Company B is involved in the support. They don't just drop off a couple of bodies and say "Good Luck." So close communication is essential.) Neither company is going to change its mail server vendor. The proposed solution is to place a Lotus Notes server (AIX or Linux) on Company A's LAN behind the firewall. This Notes server must then run scanning software to check emails and other files for known virus' as well as strip all files with evil extentions such as .VBS. This would be agreeable to both companies, IF it works. So, can anybody point me to a package which could provide this level of scanning? The companies involved would probably feel more comfortable with commercial rather than open-source, but will accept whatever works. The situation is not particularly price sensitive, so any reasonable cost is fine. Please feel free to respond directly to me off-list if you think that would be appropriate. Thanks in advance, Bob Washburne rcwash () concentric net _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: [OT]Virus/File scanning on *nix servers Michael Walter (Mar 22)
- Re: [OT]Virus/File scanning on *nix servers Bob Washburne (Mar 22)
- <Possible follow-ups>
- RE: [OT]Virus/File scanning on *nix servers yehuda (Mar 22)
- RE: [OT]Virus/File scanning on *nix servers Michael Brennen (Mar 23)
- RE: [OT]Virus/File scanning on *nix servers Michael Walter (Mar 23)
- RE: [OT]Virus/File scanning on *nix servers Justin Shore (Mar 28)