Firewall Wizards mailing list archives
Re: Traffic Examination through Linux Firewall
From: Dominik Miklaszewski <dmikey () mac com>
Date: Tue, 16 Jul 2002 12:40:30 -0700
Marc DVer wrote:
I presently have a RedHat 7.1 firewall/router set up with IPChains. What I would like to do is examine pop3 and http traffic for executables and other hazardous traffic. The pop3 server is provided by a third party for security reasons. Is there a way of doing this easily? Marc DVer White Eagle Laboratories, Inc.
Marc, As far as I can tell .. content inspection is layer 7 .. and ipchains is.. hmm layer 3... to which all executables of the world are transparent. You'd need some application proxy for pop3 and http with ability to (at least) report MIME contents.. D. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Traffic Examination through Linux Firewall Marc DVer (Jul 16)
- Re: Traffic Examination through Linux Firewall Dominik Miklaszewski (Jul 16)