Re: File Catching Firewall?

["Alex Pimperton" <Alex () magdalenstreet co uk>]

If you want a simple Linux distro to use, ASTARO might do it:

www.astaro.com

You can tweak the smtp proxy on it to do what you like(Quarentine,
delete), and it also includes spam assassin.

Best of all, its all done via a very simple front end so you don't have
to be a linux guru.

I currently have it protecting my exchange 2003 server and haven't had
one virus get past.

Alex

-----Original Message-----
From: Michael LaSalvia [mailto:mike () genxweb net] 
Sent: 04 February 2004 19:01
To: 'Jason Haith'; 'securityfocus'
Subject: RE: File Catching Firewall?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

You can try putting a linux box running spam assassin in the front of
the firewall or even behind it have that do your mail filtering then
forward the mail to the mail server minus the spam (including
viruses) currently my mail server is blocking and removing all
instances of my doom, I have not had one out break in our domain with
that software yet. I have all the spam forwarded to an account for
reviewing to make sure my filters are not blocking anything
important.

If you want to catch the attachments you can try using mailsnarf and
filesnarf it is a package in the dsniff suite. Though that wont stop
the mail from coming in it will store a copy of the file on that box.

- -----Original Message-----
From: Jason Haith [mailto:jhaith () genesissys com] 
Sent: Tuesday, February 03, 2004 4:08 PM
To: securityfocus
Subject: File Catching Firewall?

Was asked to look into maybe putting in a Linux box in front of our
mail
server to stop the massive amounts of email attachments we have been
receiving as of late due to 'MyDoom'. We currently have a WG
FireBoxII and
software on our Mail Server that is supposed to be catching
everything, but
with so much coming in it's missing alot. I was wondering if anyone
had any
ideas on some type of solution for this, all input is greatly
appreciated.
Thank you.

Jason Haith
Genesis Systems


- ----------------------------------------------------------------------
- -----
Ethical Hacking at InfoSec Institute. Mention this ad and get $720
off any 
course! All of our class sizes are guaranteed to be 10 students or
less. 
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion
Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to get $720
off 
any course!  
- ----------------------------------------------------------------------
- ------




-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBQCFBUnAnVb+gRdsVEQIKBwCfXPamMuR/ttCuf9FpyZriL6TPI8MAoMMS
XrHZmaOuj2QWaHtFE1SMFxJY
=F9DJ
-----END PGP SIGNATURE-----



------------------------------------------------------------------------
---
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off
any 
course! All of our class sizes are guaranteed to be 10 students or less.

We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion
Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to get $720
off 
any course!  
------------------------------------------------------------------------
----




---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any
course! All of our class sizes are guaranteed to be 10 students or less.
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention,
and many other technical hands on courses.
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off
any course!
----------------------------------------------------------------------------