[Dshield] Linux Migration Security Issues

Tony Nichols tony at mail.applog.com
Mon Jun 2 20:48:47 GMT 2003

I'm using RedHat 9, redhat network (great except when they offered members
to download 9 for free before it released!), sendmail (it works!), and RAV
with libmilter http://www.ravantivirus.com/index.php (they make a version
for many mta's), and shorewall (www.shorewall.net )

I've managed to get firewall, internet access (via squid proxy),
mail-webmail (using the redhat9 sendmail and squirrel mail); and hope to use
the vpn features of shorewall when I get more comfortable with it. I'm from
the windowz world, but making steps in the right direction everyday!

Enjoy the adventure! 

A.G. (Tony) Nichols
I.S. Manager
Appalachian Log Structures Inc.
tony at mail.applog.com 

-----Original Message-----
From: list-bounces at dshield.org [mailto:list-bounces at dshield.org] On Behalf
Of Chateauneuf
Sent: Wednesday, May 28, 2003 9:16 PM
To: list at dshield.org
Subject: [Dshield] Linux Migration Security Issues

We are in the process of making a change from WinXp to Linux. We a re 
currently using a four port NAT router. We are using the paid version of 
Kiwi Syslog Daemon - rolling our own DShield client with scripts which also 
write to an Access DB. We are running a mail server and a password 
protected FTP server. Three clients are, and will continue to run, XP.

Shortly after the migration to Linux, we will add a password protected web 
site (client portal) using Apache.

I'm a nitwit with all this stuff but it seems to me that option one is to 
leave the protection just as it is and just move the Kiwi logger to a 
Windows machine. I guess that option two would be to use the Linux firewall 
and forward all the ports to that machine. Then I presume that Wayne, in 
his infinite wisdom, has some sort of Linux client.

Most of you are smarter with this esoterica than I am. Any suggestions?

The second issue is that I need to replace AVG as email the virus scanner. 
Any ideas about a substitute?

list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:

More information about the list mailing list