LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 10-04-2002, 02:56 PM   #1
OB1
LQ Newbie
 
Registered: Oct 2002
Posts: 2

Rep: Reputation: 0
Question URLSCAN tool MS = Linux tool ?


I am needing to forward ports on my firewall coming in on port 80 to an internal Web server (MS IIS) and I know that they have a urlscan tool to help eliminate possible exploits on this machine but I was hoping that Linux had an equivalent program I could run on my firewall (ipchains) that would keep most of these URL exploits from ever entering my LAN and just get filtered at the firewall to help eliminate this before getting to my web server.

thanks,
K
 
Old 10-04-2002, 03:31 PM   #2
d3funct
Member
 
Registered: Jun 2001
Location: Centralia, WA
Posts: 274

Rep: Reputation: 31
Have you read the IPchains how-to? Also, you should probably upgrade to get IPTABLES since 1) ipchains is soon to be deprecated and 2) You can define IPTABLES (a stateful firewall) to do much of this for you.
 
Old 10-04-2002, 04:16 PM   #3
OB1
LQ Newbie
 
Registered: Oct 2002
Posts: 2

Original Poster
Rep: Reputation: 0
I have read ipchains and have looked over iptables but I have not seen anything that allows looking at the actual content of a packet that would allow you to reject or accept based on that content. The only thing I have seen is making a decision based on src/dst or ports, not the actual content where the URL would be. Maybe you could enlighten me as to where this filtering occurs within either of these two programs.
 
Old 10-05-2002, 12:58 AM   #4
neo77777
LQ Addict
 
Registered: Dec 2001
Location: Brooklyn, NY
Distribution: *NIX
Posts: 3,704

Rep: Reputation: 55
You can utilize snort and iptables to do so,
http://www.snort.org , snort rules allow you to see what's comming and getting out based on the rules configuration.
http://www.netfilter.org
Also take a look at adaptive firewall http://linuxgazette.org/issue82/veerapen.html
Rewrite the iptables rules to suite your environment.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Partitioning tool in linux joeman3429 Linux - Software 7 10-05-2005 09:18 PM
? about a linux tool pwo0123 Linux - Newbie 1 11-11-2004 12:38 PM
Linux Admin Tool SeaLestt Linux - Newbie 7 07-23-2004 08:52 PM
dreamweaver like tool for linux varunbihani Linux - Software 5 07-17-2003 06:48 PM
TV-Tool for linux ? Fuel Linux - Software 9 04-15-2003 05:48 PM


All times are GMT -5. The time now is 01:35 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration