[MLB-WIRELESS] any one know any good #### filters for a web proxy
andrewg at d2.net.au
andrewg at d2.net.au
Tue Dec 16 09:41:56 EST 2003
*snip*
>>
>> >In my experience the best thing you can do is setup a transparent
>> proxy
>> that
>> >people have no choice but to go through and filter it using
>> SquidGuard (http://www.squidguard.org/ ), you can also throw in Adzap
>> to reduce a
> bit
>> >of bandwidth use (http://adzapper.sourceforge.net/ ) .
>> >
Some other stuff you might want to do is egress filtering, specifically
blocking 25, and possibly 137-139 udp/tcp, 445 udp/tcp, and if feasible,
1025-1026, since various vuln. m$ servers run on it.
Depending on what you're looking at, and what people are doing, you may
want to whitelist outgoing ports, something like 22,80,443, maybe 20/21
for ftp.
- andrewg
To unsubscribe: send mail to majordomo at wireless.org.au
with "unsubscribe melbwireless" in the body of the message
More information about the Melbwireless
mailing list