Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I have a Debian Squeeze router system setup with squid3 and qlproxy for 3 laptops, 2 cellphone, and 1 desktop. I would like to setup something to copy any file that is upload out from my private network. Is there away?
Could you try to better explain what you are doing? To me, it almost sounds like you should run up tcpdump or wireshark, if I understand correctly, and capture your outgoing data.
My 14 years daughter and her friends have been getting into trouble for uploading and emailing files that they should not have been sending. I have build a Debian router for my home network with a transparent proxy server (sqiud3) and content filter (qlproxy) to keep them off curtain sites. But I need something that will make in copy of any files that is attach to a email or uploaded to a website from her computer (10.168.2.6) and any of our wireless guest IP address (10.168.2.100 - 10.168.2.110) and saves it in a directory in the server or email the file to my phone. Basically, I want to monitor and keep a copy of all files that is leaving out of my network through my daughter's computer and my guest address.
This sounds most easily tackled at application level provided you can ensure the traffic all passes through your proxies (for mail and web). When it comes to people sending pics from their phones and not using your wifi you'd be out of luck unless you had some arrangement with the telco or phone settings.
I'm not at all familiar with qlproxy and haven't used quid for capturing transferred files.
It would help if:
- you were willing to capture web forms as well as web files (but there is danger of over-broad capture)
- you were willing to ban https from the monitored equipment
- users are not technically-inclined (near-infinite potential for evading detection if they are)
Besides going the proxy way and filtering all data, what about taking this to a lower level, and restrict devices from the network, change read/write permissions so no data can be stored on said computer, etc? Just a thought.
As far as using a proxy like linosaurusroot said, you would have to make sure that all data passes through a predetermined proxy that you set up, and yet, to see ALL files going through, you will have to sniff almost all of the data, etc. I'm saying this to try to see what else is a possibility in this case, as looking at all data 24/7 will take processing power, storage, etc, and possibly a better way exists.