Network Security: Detailed info on Blocking mass mailings caused by viruses

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Firewalls

[Top] [All Lists]

Blocking mass mailings caused by viruses

from [Erdahl, Larry E] Network Security

[Permanent Link]

Subject:	Blocking mass mailings caused by viruses
Date:	Wed, 12 Oct 2005 10:31:06 -0500

 

Over the past month we've been blacklisted by Spamhaus several times
because of infected workstations and laptops (contractors and
consultants) sending out mass mailings.
My management doesn't want to block port 25 because we have a handful of
physicians who are using POP mail. Does anyone know of an IDS, IPS,
firewall, router ACLs, etc... that will block outgoing SMTP traffic,
based on abnormal traffic volume? 

Thanks in advance!
 
Larry E. Erdahl
IS Security Specialist
Allina Hospital & Clinics
Office (612)775-1273
Cell   (612)804-7324  
larry.erdahl@allina.com
 


This message contains information that may be confidential and privileged.  
Unless you are the addressee (or authorized to receive for the addressee), you 
may not use, copy or disclose to anyone the message or any information 
contained in the message.  If you have received the message in error, please 
advise the sender by reply e-mail and delete the message.

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Blocking mass mailings caused by viruses, Erdahl, Larry E <= Re: Blocking mass mailings caused by viruses, David Nichols Re: Blocking mass mailings caused by viruses, Rod Barnhart RE: Blocking mass mailings caused by viruses, Doug Block RE: Blocking mass mailings caused by viruses, Derick Anderson Re: Blocking mass mailings caused by viruses, Dan Lynch RE: Blocking mass mailings caused by viruses, James Allen - Sherman Oaks (Senior Network Administrator)

Previous by Date:	RE: Dual IP Address for Check Point ???, David Gillett
Next by Date:	Re: Cisco PIX vs Cisco ASA, Stephane Tsacas
Previous by Thread:	Cisco Pix - Multiple peers per crypto map sequence..., Mollemans, Bart
Next by Thread:	Re: Blocking mass mailings caused by viruses, David Nichols
Indexes:	[Date] [Thread] [Top] [All Lists]