LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   Anti Phishing (http://www.linuxquestions.org/questions/linux-security-4/anti-phishing-724357/)

priyadarshan 05-07-2009 06:00 AM

Anti Phishing
 
I want to develop Anti Phishing system for Linux.....

So Firstly I want to know,

As IPTables is to Firewall,
OpenVPN is to VPN,
Snort is to Intrusion Prevention System

than

........<WHAT???>...... is to ANTI PHISHING???????????/


Provide me tutorial and other links too regarding so.......

win32sux 05-07-2009 10:00 AM

Quote:

Originally Posted by priyadarshan (Post 3533130)
I want to develop Anti Phishing system for Linux.....

So Firstly I want to know,

As IPTables is to Firewall,
OpenVPN is to VPN,
Snort is to Intrusion Prevention System

than

........<WHAT???>...... is to ANTI PHISHING???????????/


Provide me tutorial and other links too regarding so.......

On the client side, Firefox comes with built-in phishing protection.

On the server side, ClamAV lets you use phishing signatures.

priyadarshan 05-07-2009 10:11 AM

I want to implement so in UTM then???

win32sux 05-07-2009 11:45 AM

Quote:

Originally Posted by priyadarshan (Post 3533392)
I want to implement so in UTM then???

Wouldn't a unified threat management solution already include anti-phishing technology?

farslayer 05-07-2009 11:53 AM

I currently run a fortinet unit on my gateway, and it automatically blocks phishing and pharming
My anti-spam solution blocks phishing emails
My Checpoint UTM-1 Firewall also has the capability to run those services.. (at a higher price of course)

so I would think a UTM solution would cover this already as well..


http://www.untangle.com/
Untangle handles anti-phishing among other things..

Code:

Untangle
Open Source Apps

    * Web Filter
    * Spam Blocker
    * Firewall
    * Spyware Blocker
    * Virus Blocker
    * Protocol Control
    * Intrusion Prevention
    * OpenVPN
    * Phish Blocker
    * Attack Blocker
    * Reports
    * Routing & QoS

[Edit Update]
I just took a closer look at Untangle. I may replace my undersized fortinet box with this.. Downloading now for testing.. this thinkg looks pretty sweet from the Demo vid, and I can purchase JUST teh AD integration part for about $150.00 a year. I think I just sold myself on an new system. and it will be less expensive than my current fortinet Supppoort contract which is pretty reasonable as it is..

Watch the Demo video at their site. They did a nice job on thie front end for this system.

Sweet Rack !! :)

priyadarshan 05-08-2009 03:57 AM

Actually I am implementing UTM device so I am done with Firewall, Ani Virus , IPS Bla Bla Bla..... I just want a tool which can be configured in linux to implement Anti Phishing like I did in IPTables for implementing firewall.....

win32sux 05-08-2009 04:01 AM

Quote:

Originally Posted by priyadarshan (Post 3534276)
Actually I am implementing UTM device so I am done with Firewall, Ani Virus , IPS Bla Bla Bla..... I just want a tool which can be configured in linux to implement Anti Phishing like I did in IPTables for implementing firewall.....

Why can't you just add phishing signatures to whatever anti-virus you are using?

priyadarshan 05-08-2009 05:02 AM

SO from where Can I find phishing signature?

win32sux 05-08-2009 05:19 AM

Quote:

Originally Posted by priyadarshan (Post 3534322)
SO from where Can I find phishing signature?

If you're using ClamAV it already comes with tons of phishing signatures for both email and HTML. I did a search of their database a minute ago and it returned almost 2,500 results. If you wanna add your own signatures I gave you a link to a HOWTO above.

priyadarshan 05-08-2009 06:42 AM

But Clam AV is anti virus so it gets up only when upload or download is made :(

I mean how will it detect just simple HTML request?

win32sux 05-08-2009 02:18 PM

Quote:

Originally Posted by priyadarshan (Post 3534390)
But Clam AV is anti virus so it gets up only when upload or download is made :(

I mean how will it detect just simple HTML request?

Couple it with something like HAVP perhaps?


All times are GMT -5. The time now is 11:54 PM.