I know ipfiltering with iptables is no problem, but after doing some research, I've seen no definite answer that this can be done with software that's currently out there under the GNU license. I'd like to build a filtering router for my local network of M$ machines so that I won't have to deal or worry with adware. I'd love for it to block all jscript, activex, cookies, ads, and worms/trojans with live filtering. Anyone got any ideas? Btw, I am a newb to Linux so don't hurt me too much.
We have been very successful in reducing the adware, advertisements, and other such filth our users see on the web. While I do maintain some ipfiltering with my iptables firewalls, Squid and its wonderful cousin SquidGuard have really made the difference.
Here is how it works:
Most of the major spyware apps that you see on a corporate LAN originate on a handful of domains. The same is true for most advertisements, pop-ups and embedded. Once you figure out where they originate, blocking becomes easier.
Set up Squid to proxy the web for your network.
Set up SquidGuard (keep those blacklists current).
Create a custom blacklist (domains file and url file) and store them with the default ones.
Set up Saint and/or Sarg to monitor Squid usage.
Each time you find spyware on a PC, check Sarg to see where the machine was going on the web. You should see connections to the same servers over and over again (ad fetching and updating and telling the scum who wrote it where you surf). If you are not sure of a URL, try it in a browser; they normally will display an error.
After a few weeks you will have a pile of urls used by the scumware which you simply add to your custom url file discussed above.
Once you get comfortable blocking spyware, create another custom file for ad-servers like doubleclick and the like.
While the above won't stop spyware from installing itself, or being installed, it will prevent them from downloading pop-up ads and other scumware.
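The log review described in the post above, sketched as an added example (not part of the original post, and not code from Squid, SquidGuard or Sarg): it reads Squid's native access.log format, counts the hosts one workstation kept contacting, and renders them one per line for a custom SquidGuard domains file. The log lines, IP addresses, host names, function names and the hit threshold are constructed for illustration.

```python
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample in Squid's native access.log format:
# time elapsed client result/status bytes method URL ident peer type
SAMPLE_LOG = """\
1066037222.011 126 192.168.1.20 TCP_MISS/200 1024 GET http://ads.tracker.example/b.gif - DIRECT/203.0.113.5 image/gif
1066037230.400 98 192.168.1.20 TCP_MISS/200 980 GET http://ads.tracker.example/pop.js - DIRECT/203.0.113.5 text/javascript
1066037301.120 110 192.168.1.20 TCP_MISS/200 512 GET http://update.spy.example/cfg?id=7 - DIRECT/203.0.113.9 text/plain
1066037305.000 40 192.168.1.20 TCP_HIT/200 2048 GET http://www.intranet.example/ - NONE/- text/html
1066037306.000 41 192.168.1.20 TCP_HIT/200 2048 GET http://www.intranet.example/a - NONE/- text/html
1066037307.000 42 192.168.1.20 TCP_HIT/200 2048 GET http://www.intranet.example/b - NONE/- text/html
1066037400.900 130 192.168.1.20 TCP_MISS/200 1024 GET http://ads.tracker.example/b.gif - DIRECT/203.0.113.5 image/gif
1066037410.010 300 192.168.1.20 TCP_MISS/200 3100 CONNECT update.spy.example:443 - DIRECT/203.0.113.9 -
1066037500.250 120 192.168.1.20 TCP_MISS/200 512 GET http://update.spy.example/cfg?id=7 - DIRECT/203.0.113.9 text/plain
1066037510.000 5 192.168.1.20 TCP_DENIED/403 1200 GET http://ads.tracker.example/x.gif - NONE/- text/html
1066037600.700 90 192.168.1.21 TCP_MISS/200 1024 GET http://ads.tracker.example/b.gif - DIRECT/203.0.113.5 image/gif
1066037700.300 85 192.168.1.20 TCP_MISS/200 4096 GET http://news.example/ - DIRECT/198.51.100.7 text/html
"""

def host_of(method, url):
    """Return the lowercase host of a logged URL (CONNECT logs host:port)."""
    if method == "CONNECT":
        return url.rsplit(":", 1)[0].lower()
    return (urlsplit(url).hostname or "").lower()

def repeat_hosts(log_text, client, min_hits=3, allow=()):
    """Hosts one client requested at least min_hits times, most frequent first."""
    hits = Counter()
    for line in log_text.splitlines():
        f = line.split()
        if len(f) < 7 or f[2] != client:
            continue  # malformed line, or traffic from another machine
        if f[3].startswith("TCP_DENIED"):
            continue  # Squid already refused this request
        host = host_of(f[5], f[6])
        if host and not any(host == a or host.endswith("." + a) for a in allow):
            hits[host] += 1
    return [(h, n) for h, n in hits.most_common() if n >= min_hits]

def domains_file(candidates):
    """Render candidates as a SquidGuard domain list: one domain per line."""
    return "".join(h + "\n" for h, _ in candidates)

if __name__ == "__main__":
    found = repeat_hosts(SAMPLE_LOG, "192.168.1.20", allow=("intranet.example",))
    print(domains_file(found), end="")
```

The output is a list of candidates to review by hand before they go into the custom domains file; the `allow` tuple keeps known-good sites that are also visited often out of it.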
I know about Sarg, but what is Saint? I tried to google on that.
Besides having to do acrobatic queries to avoid Christian saints, most of the pages in the result did not have the word saint in them! (Google bug or what?). That was quite irritating.
Bottom line is I did not find any saint. So I thought, maybe you made a spelling mistake?
Thanks for the link. I took a look at this saint ("Security Administrator's Integrated Network Tool"), read some of the website articles and carefully examined their online demo, yet I could not find anything related to squid.
Originally posted by rozz: Thanks for the link. I took a look at this saint ("Security Administrator's Integrated Network Tool"), read some of the website articles and carefully examined their online demo, yet I could not find anything related to squid.
Yeah, me neither... but it's the only saint I'd ever heard of...