Re: Firewall - How blockade the files .exe

To: debian-firewall@lists.debian.org
Subject: Re: Firewall - How blockade the files .exe
From: Daniel Pittman <daniel@rimspace.net>
Date: Wed, 24 Mar 2004 00:29:15 +1100
Message-id: <[🔎] 87fzbz7kus.fsf@enki.rimspace.net>
References: <[🔎] 20040322083238.5bd1a914.wgm@telus.net> <[🔎] 87fzc08nd5.fsf@enki.rimspace.net> <[🔎] 004f01c410d4$db3b1510$2c01010a@papaleoadvogados.com.br>

On Tue, 23 Mar 2004, Leandro F. de Mesquita wrote:
> I use iptable, I want blocked all files .exe in protocol ftp.

iptables is really not the tool you want to use for this.

A better way to achieve this result would be to implement a squid proxy
server, with rules that do not permit fetching .exe files via ftp
connections.

Then, block access to ftp via iptables, except from the squid server.

Your clients can then only get ftp through the proxy, which implements
your rules at a level that actually makes reasonable sense.

     Daniel

-- 
An expert is a person who has made all the mistakes which can be made
in a very narrow field.
        -- Niels Bohr

Reply to:

References:
- Firewall Recommendations
  - From: Wm.G.McGrath <wgm@telus.net>
- Re: Firewall Recommendations
  - From: Daniel Pittman <daniel@rimspace.net>
- Firewall - How blockade the files .exe
  - From: "Leandro F. de Mesquita" <leandro@bork.com.br>

Prev by Date: Re: Firewall - How blockade the files .exe
Next by Date: Re: Firewall - How blockade the files .exe
Previous by thread: Re: Firewall - How blockade the files .exe
Next by thread: Re: Firewall - How blockade the files .exe
Index(es):
- Date
- Thread