Firewall Wizards mailing list archives
[OT]Virus/File scanning on *nix servers
From: Bob Washburne <rcwash () concentric net>
Date: Wed, 21 Mar 2001 10:06:03 -0500
Please forgive the slightly off toppic post, but this seemed to be a good group of people to ask and the application is more firewall-ish than it is proxy-ish. Can anyone point me to an available program which will scan both files and emails for both attached virus and file types (such as *.VBS) on a *nix system (probably AIX or Linux)? The Situation: ============= Company A uses Microsoft Exchange for its email. They have set up three layers of virus defence; scanning at the firewall, the Exchange server and the client. The scanning at the firewall and server levels strips out any file or attachment with a given extention, .VBS for example. This removes new hostile scripts before the virus scanners have a profile defined. Company A now hires Company B to provide on-site support. Company B uses Lotus Notes for its internal communication. Normally, Company B provides a VPN to its onsite employees so that they may communicate with the rest of Company B. But that, added to the fact that Lotus Notes uses a proprietary protocol, creates a tunnel through the existing firewall and server scanners. Company A requires that ALL files be scanned before they are allowed into the LAN. Mearly haveing a client-side scanner is insufficient for Company A. Haveing stand-alone kiosk systems (not connected to the LAN) with a modem is not sufficient for Company B (all of Company B is involved in the support. They don't just drop off a couple of bodies and say "Good Luck." So close communication is essential.) Neither company is going to change its mail server vendor. The proposed solution is to place a Lotus Notes server (AIX or Linux) on Company A's LAN behind the firewall. This Notes server must then run scanning software to check emails and other files for known virus' as well as strip all files with evil extentions such as .VBS. This would be agreeable to both companies, IF it works. So, can anybody point me to a package which could provide this level of scanning? The companies involved would probably feel more comfortable with commercial rather than open-source, but will accept whatever works. The situation is not particularly price sensitive, so any reasonable cost is fine. Please feel free to respond directly to me off-list if you think that would be appropriate. Thanks in advance, Bob Washburne rcwash () concentric net _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Honeynet Project - Scan of the Month Lance Spitzner (Mar 01)
- [OT]Virus/File scanning on *nix servers Bob Washburne (Mar 21)
- Re: [OT]Virus/File scanning on *nix servers Jose Nazario (Mar 22)
- Re: [OT]Virus/File scanning on *nix servers Volker Tanger (Mar 22)
- [OT]Virus/File scanning on *nix servers Bob Washburne (Mar 21)