Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 02-17-2005, 07:06 PM   #1
LQ Newbie
Registered: Feb 2005
Posts: 22

Rep: Reputation: 15
Virus Scanner at Packet LEVEL

Hello friends,

I am creating a firewall through IPTABLES and i also want to add the feature of anti-virus so is there any suggestions how i can do it. So that i can scan the packets affected by viruses and can be removed.

Thanx for the same.
bye and have a nice time,
om shanti.
Old 02-26-2005, 03:17 PM   #2
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,571

Rep: Reputation: 180Reputation: 180
I'm not sure if it's a good idea. The thing is that viruses (standard meaning, not worms and attack tools) are hidden into executables (or different file types). It means to find it you need to know the file type and be able to analyze it. In your case - rebuild the data from packets and scan it.

When it comes to worms and such things, it's much easier. Block all not used ports. Write rules that don't accept strange addresses, strange flag combinations etc.
Old 02-27-2005, 10:56 AM   #3
Registered: Jan 2002
Distribution: CentOS 3.1
Posts: 119

Rep: Reputation: 15
It's not really possible to do that. The packets themselves aren't viruses, only when they are re-assembled at a higher level. You can scan them then but, of course, that's not what you're asking.

If you're trying to block attacks at the network level (Ping of death etc) then you can use iPTABLES.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Packet Filter to redirect a packet to a user level process akawale Linux - Networking 3 09-01-2006 12:06 PM
scanner under user level ohcarol Linux - Hardware 1 11-29-2005 03:58 PM
Virus Scanner jenny_psion Linux - Security 3 11-22-2005 04:05 AM
virus scanner. RoaCh Of DisCor Linux - Software 1 08-24-2004 02:35 PM
packet handling at the kernel level valib4u *BSD 4 09-14-2003 03:16 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:33 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration