Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Traffic Examination through Linux Firewall

From: Dominik Miklaszewski <dmikey () mac com>
Date: Tue, 16 Jul 2002 12:40:30 -0700
Marc DVer wrote:


I presently have a RedHat 7.1 firewall/router set up with IPChains.  What I
would like to do is examine pop3 and http traffic for executables and other
hazardous traffic.  The pop3 server is provided by a third party for
security reasons.  Is there a way of doing this easily?
Marc DVer
White Eagle Laboratories, Inc.


Marc,

As far as I can tell .. content inspection is layer 7 .. and ipchains is.. hmm
layer 3... to which all executables of the world are transparent.
You'd need some application proxy for pop3 and http with ability to (at least)
report MIME contents..

D.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: