Visit Jeremy's Blog.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 11-19-2010, 11:52 PM   #1
LQ Newbie
Registered: Nov 2010
Posts: 4

Rep: Reputation: 0
Question on securing port80 from upload

I am using a linux fedora 12.0 with L7 filter and proxy as the main firewall for my system composed of some several hundred pcs. The port 80 is open for certain mac addresses these computers, that is to say that , only a few of these computers have access to internet and others have been denied. However, they have access to two specific websites on internet .
I would like to know that if there is a virus attack through these websites in form of executable adwares or malwares, can this linux firewall detect any information that might be directed out of those computers to the attacking source? In other words, is there s tuning in L7 filter or any other filter that can detect transfer of files or some bites through port 80 unrelated to normal http requests?
Old 11-20-2010, 05:32 AM   #2
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Originally Posted by ahmedkamel1355 View Post
detect transfer of files or some bites through port 80 unrelated to normal http requests?
Maybe you could implement an ACL in your proxy server which checks for HTTP methods (with the objective being to block anything that doesn't match). For example, if you're using Squid you could do something like:
acl http_port port 80
acl http_methods method GET POST
http_access deny http_port !http_methods

Last edited by win32sux; 11-20-2010 at 06:58 AM.



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] question about securing root unix1adm Linux - General 7 02-15-2010 07:57 AM
Redirect port80 request from internal network? fruitwerks Linux - Security 1 04-28-2009 06:39 PM
Securing FTP, chroot... Not the same old question! s2cuts Linux - Server 2 08-09-2008 02:19 PM
iptables port80 forward and snat pthegreat Linux - Security 5 01-16-2006 09:03 PM
iptables port80 forward and snat pthegreat Red Hat 1 01-13-2006 03:25 PM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 02:21 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration