LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 11-19-2010, 11:52 PM   #1
ahmedkamel1355
LQ Newbie
 
Registered: Nov 2010
Posts: 4

Rep: Reputation: 0
Question on securing port80 from upload


Hello,
I am using a linux fedora 12.0 with L7 filter and proxy as the main firewall for my system composed of some several hundred pcs. The port 80 is open for certain mac addresses these computers, that is to say that , only a few of these computers have access to internet and others have been denied. However, they have access to two specific websites on internet .
I would like to know that if there is a virus attack through these websites in form of executable adwares or malwares, can this linux firewall detect any information that might be directed out of those computers to the attacking source? In other words, is there s tuning in L7 filter or any other filter that can detect transfer of files or some bites through port 80 unrelated to normal http requests?
Thanks
 
Old 11-20-2010, 05:32 AM   #2
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by ahmedkamel1355 View Post
detect transfer of files or some bites through port 80 unrelated to normal http requests?
Maybe you could implement an ACL in your proxy server which checks for HTTP methods (with the objective being to block anything that doesn't match). For example, if you're using Squid you could do something like:
Code:
acl http_port port 80
acl http_methods method GET POST
http_access deny http_port !http_methods

Last edited by win32sux; 11-20-2010 at 06:58 AM.
 
  


Reply

Tags
security


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
question about securing root unix1adm Linux - General 7 02-15-2010 07:57 AM
Redirect port80 request from internal network? fruitwerks Linux - Security 1 04-28-2009 06:39 PM
Securing FTP, chroot... Not the same old question! s2cuts Linux - Server 2 08-09-2008 02:19 PM
iptables port80 forward and snat pthegreat Linux - Security 5 01-16-2006 09:03 PM
iptables port80 forward and snat pthegreat Red Hat 1 01-13-2006 03:25 PM


All times are GMT -5. The time now is 11:47 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration