Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Family protection - proxy?

from [Bill Diamond] Network Security [Permanent Link]
Subject: RE: Family protection - proxy?
Date: Thu, 30 Mar 2006 18:21:40 -0600 
I don't disagree, but I may take this a step further.

I had the same problem a few years ago.  We all had pop accounts through
our ISP as well as various personal accounts.  The amount of spam,
malware, and plain yeech was astonishing. 

The solution I chose was to build a Linux server (but, you could do this
as easily with BSD).  I set up postfix, fetchmail, spamassassin and
clamav.  

All email gets pulled by the fetchmail process, processed through clamav
and spamassassin. Users connect to the Linux box via IMAP. 

I did use an Athlon XP 2400 box with 1 GB RAM for several years until it
suddenly died.  The replacement was an eMachines 62xx with 1.25 GB RAM.
Took less than a day to configure.  I spend less than 2 hours per week
keeping it up to date with new rules for procmail.  I did do some custom
spamassassin rules to change the subject line to reflect the spam score.
Scores of 5 points or less go into a "suspects" folder; 5 to 10 points
go into a "spam" folder.  Anything above 10 points goes into a folder
that's hidden from the user. 

The most effort was in creating the content filters for postfix, which
seemed scary at first but turned out to be nearly mindlessly easy and
pretty near foolproof. We're down to fewer than 5 false negatives that
slip through per day, and those are usually harmless solicitations. 

Concur as well with the recommendations regarding the configuration of
dansguardian. 

Bill

-----Original Message-----
From: ragdelaed [mailto:ragdelaed@gmail.com] 
Sent: Thursday, March 30, 2006 11:52 AM
To: Paul Simons
Cc: security-basics@securityfocus.com
Subject: Re: Family protection - proxy?

install debian on a headless walmart special with 2 nic cards, one for 
your lan, the other for the wan. install squid and dansguardian. install

clamav with anti-virus plugin, if you wish, but it will run slower. 
much. run sarg for the reports. run dglog.pl for quick logs.

the best way to do it is to look at the howto at the bottom, then 
download each component separately, install, mess it up, play around, 
break it, then start all over again. depending on your experience level,

this might take a while. if you are unfamiliar with much of the below, 
then count on at least a week to build, test, then deploy.

also, you need to configure the walmart special as your gateway. whether

you make it the dhcp server or not, it needs to be your gateway. then 
you can direct all port 80 traffic to the dansguardian filter without 
having to change any clients in your house. you make your box a 
transparent proxy. instructions are in the howto.

this might take a while, but it is very worth it. i have three boys that

love yugioh and junk like that, so they are on the net all the time. 
they get blocked a lot. :)

consider the enterprise equivalent. an enterprise proxy solution will 
run about 250k for product and support, a content filtering solution 
will be about 300k, an anti-virus solution will run about 100k, and the 
monitoring and logging in man hours will be huge. estimate 500k for a 
complete bundle solution, and your eyes bug out. and dansguardian is not

just a black list filter, but rather a weighted content solution that 
does not depend on pre existing blacklists but can catch things on the 
fly based on the content in the page. i like it. for about 300 bucks, 
you can have all of the above, plus the other coolness that linux gives
you.

walmart:
http://www.walmart.com/catalog/product.do?product_id=4659580
http://www.newegg.com/Product/Product.asp?Item=N82E16822998004
or
http://www.newegg.com/Product/Product.asp?Item=N82E16833315001

dansguardian:
http://dansguardian.org/

squid:
http://www.squid-cache.org/

AV:
http://www.pcxperience.org/dgvirus/
http://www.clamav.net/

sarg:
http://sarg.sourceforge.net/

dglog.pl:
http://www.tiger.org/technology/dg/

howto:
http://www.ysgnet.com/modules.php?op=modload&name=News&file=article&sid=
164
http://www.nyetwork.org/wiki/DansGuardian


Paul Simons wrote:

I am looking for advice on how I can best protect my family from the
'horrors' on the Internet.
We have a small ADSL/wireless network at home (with a firewall and AV

on

all systems) on which my kids have their PCs/Macs. My wife and I use

it

via our laptops.

What is the best way of stopping access to porn/violence/etc.?

I was looking at setting up a system with a proxy. Or maybe paying for
some sort of service?
I don't really want to have to install a package on every system
(expensive and unmanageable)
Any other suggestions gratefully considered

Paul


To find out more about Reuters visit www.about.reuters.com

Any views expressed in this message are those of the individual

sender, except where the sender specifically states them to be the views
of Reuters Ltd.





------------------------------------------------------------------------
---

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting

experience. 

Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity

Planning, 

Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus


------------------------------------------------------------------------
---



  


------------------------------------------------------------------------
---
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting
experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity
Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Internet Keyword System.., cc
Next by Date:  Re: Family protection - proxy?, secret
Previous by Thread:  Re: Family protection - proxy?, barcajax
Next by Thread:  Re: Family protection - proxy?, secret
Indexes:  [Date] [Thread] [Top] [All Lists]