LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 02-17-2005, 07:06 PM   #1
bkankur
LQ Newbie
 
Registered: Feb 2005
Posts: 22

Rep: Reputation: 15
Virus Scanner at Packet LEVEL


Hello friends,

I am creating a firewall through IPTABLES and i also want to add the feature of anti-virus so is there any suggestions how i can do it. So that i can scan the packets affected by viruses and can be removed.

Thanx for the same.
bye and have a nice time,
Ankur.
om shanti.
 
Old 02-26-2005, 03:17 PM   #2
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,536

Rep: Reputation: 148Reputation: 148
I'm not sure if it's a good idea. The thing is that viruses (standard meaning, not worms and attack tools) are hidden into executables (or different file types). It means to find it you need to know the file type and be able to analyze it. In your case - rebuild the data from packets and scan it.

When it comes to worms and such things, it's much easier. Block all not used ports. Write rules that don't accept strange addresses, strange flag combinations etc.
 
Old 02-27-2005, 10:56 AM   #3
R4z0r
Member
 
Registered: Jan 2002
Distribution: CentOS 3.1
Posts: 119

Rep: Reputation: 15
It's not really possible to do that. The packets themselves aren't viruses, only when they are re-assembled at a higher level. You can scan them then but, of course, that's not what you're asking.

If you're trying to block attacks at the network level (Ping of death etc) then you can use iPTABLES.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Packet Filter to redirect a packet to a user level process akawale Linux - Networking 3 09-01-2006 12:06 PM
scanner under user level ohcarol Linux - Hardware 1 11-29-2005 03:58 PM
Virus Scanner jenny_psion Linux - Security 3 11-22-2005 04:05 AM
virus scanner. RoaCh Of DisCor Linux - Software 1 08-24-2004 02:35 PM
packet handling at the kernel level valib4u *BSD 4 09-14-2003 03:16 AM


All times are GMT -5. The time now is 03:10 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration