LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page Question on securing port80 from upload
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 11-19-2010, 11:52 PM   #1
ahmedkamel1355
LQ Newbie
 
Registered: Nov 2010
Posts: 4

Rep: Reputation: 0
Question on securing port80 from upload

Hello,
I am using a linux fedora 12.0 with L7 filter and proxy as the main firewall for my system composed of some several hundred pcs. The port 80 is open for certain mac addresses these computers, that is to say that , only a few of these computers have access to internet and others have been denied. However, they have access to two specific websites on internet .
I would like to know that if there is a virus attack through these websites in form of executable adwares or malwares, can this linux firewall detect any information that might be directed out of those computers to the attacking source? In other words, is there s tuning in L7 filter or any other filter that can detect transfer of files or some bites through port 80 unrelated to normal http requests?
Thanks
 
Old 11-20-2010, 05:32 AM   #2
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Quote:
Originally Posted by ahmedkamel1355 View Post
detect transfer of files or some bites through port 80 unrelated to normal http requests?
Maybe you could implement an ACL in your proxy server which checks for HTTP methods (with the objective being to block anything that doesn't match). For example, if you're using Squid you could do something like:
Code:
acl http_port port 80
acl http_methods method GET POST
http_access deny http_port !http_methods
Last edited by win32sux; 11-20-2010 at 06:58 AM.
 
  


Reply

Tags
security



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] question about securing root unix1adm Linux - General 7 02-15-2010 07:57 AM
Redirect port80 request from internal network? fruitwerks Linux - Security 1 04-28-2009 06:39 PM
Securing FTP, chroot... Not the same old question! s2cuts Linux - Server 2 08-09-2008 02:19 PM
iptables port80 forward and snat pthegreat Linux - Security 5 01-16-2006 09:03 PM
iptables port80 forward and snat pthegreat Red Hat 1 01-13-2006 03:25 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:34 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration