LinuxQuestions.org
05-22-2007, 03:36 AM   #1
codenjanod
Member
 
Registered: Oct 2006
Posts: 38

Rep: Reputation: 15
machine quarantine on centos linux


Hi all,

I was not too sure if I should post this under security or under networking.

I am looking for an app that can preferably run on CentOS 4.4 or 5, or maybe a setup of rules on CentOS, that can help me with my problem.

My problem:
I need to check/scan machines that connect either via cable or wifi to my network for certain criteria, like update level, security patches, anti virus status, etc.
If these machines fail these tests, they need to be put into a quarantine zone and access to the LAN will be prohibited.
From that zone, updates etc. will be available.

If they pass the scan, they will have access to the LAN.

I do not wish to purchase any hardware like Cisco devices for this.
I also do not wish to use Cisco NAC as I am not willing to fork out insane amounts of money for this.

Does anybody know of any software that can do such checks on a LAN?
Or can this be done with iptables? And if so, how?

Thank you
 
05-22-2007, 04:27 AM   #2
kstan
Member
 
Registered: Sep 2004
Location: Malaysia, Johor
Distribution: Dual boot MacOS X/Ubuntu 9.10
Posts: 851

Rep: Reputation: 31
We need more information.

Quote:
Originally Posted by codenjanod
Hi all,
I need to check/scan machines that connect either via cable or wifi to my network for certain criteria, like update level, security patches, anti virus status, etc.
You mean Microsoft Windows clients?

If these machines fail these tests, they need to be put into a quarantine zone and access to the LAN will be prohibited.
You mean when your server detects something wrong, it'll tell your switches to transfer the particular port into a quarantine VLAN?

If they pass the scan, they will have access to the LAN.
Refer to the previous question.

Does anybody know of any software that can do such checks on a LAN?
Probably nessusd can fulfill part of your need, but it won't be intelligent enough to talk to your switches.

Or can this be done with iptables? and if so, how?
I think it's not possible.
If I'm not mistaken, only Trend Micro has such products.

Good luck,
Ks
All times are GMT -5.