Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
1) Is there any way/program other than iptables to bind an IP to a MAC address bcoz i have certain machines on my network to whom i allow unrestricted access to certain resources and i want to avoid IP spoofing. I can do with iptables but jus wannan know alternate ways
2) I use qmail-scanner with clamav and my company's policy is to reject certain extensions like archive extension (zip,rar etc) as attachments. But i find it can be easily bypassed by changing the file extensions to say an allowed extension like .doc . how can i stop this.
that will let my users change thier qmail (smtp/pop) password remotely. Currently i'm using OmailAdmin but i wan't just a simple password change only webpage.
Is ther a solution for my 2 question thank you. It can be easily bypassed by changing the file extions. Why can't clamav detect the file as zip even if it's renamed to .doc extension and then block it.
because when a zip file is renamed to .doc it's no longer a zip file anymore. it's a .doc file... sure no office program will open it... but that's just the way it is. there would be so much overhead on mail servers if they had to attempt to rename every attachment to every known file extension just to see which correct extension it is. if it could even do that... and what about mac osx... you don't even need filename extensions
the reason i ask this is coz in my previous organization i used to rename the blocked zip archives to doc and some prgram running with qmail used to block it even then !!! now i can't ask that administrator how he did it or what he used ? may be the program cud scan it's header
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.