Date: Fri, 6 Apr 2001 21:03:37 -0400 (EDT) From: "Dan Mahoney, System Admin" <bsd@gushi.org> To: questions@freebsd.org Subject: "Smart" firewalls. Message-ID: <Pine.BSF.4.21.0104062041260.65964-100000@prime.gushi.org>
next in thread | raw e-mail | index | archive | help
Hi all, I had a couple of firewalling questions... 1) Is there a "smart" firewall product (commercial or otherwise) available for FreeBSD that can automatically detect against things like "Malicious Java Applets, and ActiveX Explots"? (I'm sorry, it's a Boss Question, see Dilbert). If not those, is there at least an Adaptive product that can do for an entire network what portsentry does for a single machine, or that can detect flood attempts and drop them (or even, that can execute a script that telnets to a router and causes the router to drop them)? 2) Is there a way to redirect ALL outgoing requests on port 25 to a single server where it will "act" like it's sending the mail but fail (this is mainly for use in a situation where a keylogger was sending out results via SMTP, naturally, we would want to log such things.) 3) Finally, is there a way to do virus/exploit scanning of all data passing through an interface? This, I realize, would be a processor heavy task, but it would only be (ideally) done for certain network segments (I.E. those that have specifically requested or paid for it.) I'm looking at a lot of the big commercial products right now and the one word that comes to mind is expensive. Many of the less expensive talk about being able to handle "4000 simultaneous connections". I shrug and giggle at that. This is server farm country. I don't care about VPN or ipsec security. I don't care about having a DMZ (many of these servers would be in the dmz on a traditional corporate LAN). I just care about something being (A) Adaptive and (B) transparent (not all of the big ones out there will do this). Any suggestions? -Dan Mahoney -- "You're a thucking reyer!" -Richard Bozzello, who believed tongue piercing was painless. --------Dan Mahoney-------- Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Web: http://prime.gushi.org finger danm@prime.gushi.org for pgp public key and tel# --------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0104062041260.65964-100000>