I was not too sure if I should post this under security or under networking.
I am looking for an app that can preferably run on CentOS 4.4 or 5, or maybe have a setup of rules on CentOS that can help me with my problem.
My problem:
I need to check/scan machines that connect either via cable or wifi to my network for certain criteria, like update level, security patches, antivirus status, etc.
If these machines fail these tests, they need to be put into a quarantine zone and access to the LAN will be prohibited.
From that zone, updates etc. will be available.
If they pass the scan, they will have access to the LAN.
I do not wish to purchase any hardware like Cisco devices for this.
I also do not wish to use Cisco NAC as I am not willing to fork out insane amounts of money for this.
Does anybody know of any software that can do such checks on a LAN?
Or can this be done with iptables? And if so, how?
> Hi all,
> I need to check/scan machines that connect either via cable or wifi to my network for certain criteria, like update level, security patches, anti virus status, etc.

You mean Microsoft Windows clients?

> If these machines fail these tests, they need to be put into a quarantine zone and access to the LAN will be prohibited.

You mean when your server detects something wrong, it'll tell your switches to transfer the particular port into a quarantine VLAN?

> If they pass the scan, they will have access to the LAN.

Refer to the previous question.

> Does anybody know of any software that can do such checks on a LAN?

Probably nessusd can fulfill part of your need, but it won't be so intelligent until it can talk to your switches.

> Or can this be done with iptables? and if so, how?

I think it's not possible.

If I'm not mistaken, only Trend Micro has such products.