Block Outgoing HTTP traffic
Hi,
I am working on a linux server. Is there any tool using which we can block outgoing http traffic based on particular keywords. For example, if we have a webpage that contains the word "creditcard", the outgoing traffic from the webserver to the end user's browser should be blocked. Please advice... |
I'm not sure exactly what you mean, but it sounds like you might be looking for something like this:
Web Traffic Filters 'Hope that helps .. PSM PS: Here's another alternative: http://www.howtoforge.com/perfect_li...ewall_ipcop_p2 |
Quote:
What you are proposing here is censorship. It's against the nature of Linux, where we cherish the freedom for all. Perhaps ypu can ask how Google do these things for the totalitarian regimes they prefer to support. If you don't want people to retrieve that kind of information from your servers, just make sure that that kind of information was not available in the first place. |
Quote:
Quote:
|
ok...I guess I need to explain this.
Suppose a person has managed to upload a phishing page (For. e.g. a Bank) that asks users for credit card details. The phishing page has a textbox named "creditcard" (where users enter credit card details), then the server's attempt to send the page to the end user's browser should be blocked. I hope this explains my requirement. I already have snort installed in the server. Is this of any use in my case ? |
Hi win32sux,
I didn't know that mod security can be used to block outbound traffic. How can I use this in my case. May I know the rule that should be used. |
Quote:
If more admins would monitor and restrict outgoing traffic there could be a lot less spam and illegal/fraudulent activity on the internet. "The nature of Linux" is whatever someone can get it to do (or not do). |
Quote:
Because in what you stated, all someone would have to do, is rename that field to something else, like "Middlename" or "phone". What you call the variable is meaningless, if you have the source code. And if you're talking about what's on the form...replace the WORDS "Credit Card #", with a small image-file, SAYING those words. Same thing appears onscreen...but skates right past your filter. To me, though, a filter like this is pointless, and will only really slow down your overall web performance. If you put good security practices in place on your server, harden it up, and make sure your server is only sending pages that YOU wrote, your problem is solved. Eliminate the holes, and the threat is eliminated too. But no matter what you do, that's not going to stop someone internally at your organization from stealing the info if they want it. |
All times are GMT -5. The time now is 10:35 AM. |