[MLB-WIRELESS] any one know any good #### filters for a web proxy

andrewg at d2.net.au andrewg at d2.net.au
Tue Dec 16 09:41:56 EST 2003


*snip*
>>
>> >In my experience the best thing you can do is setup a transparent
>> proxy
>> that
>> >people have no choice but to go through and filter it using
>> SquidGuard (http://www.squidguard.org/ ), you can also throw in Adzap
>> to reduce a
> bit
>> >of bandwidth use (http://adzapper.sourceforge.net/ ) .
>> >

Some other stuff you might want to do is egress filtering, specifically
blocking 25, and possibly 137-139 udp/tcp, 445 udp/tcp, and if feasible,
1025-1026, since various vuln. m$ servers run on it.

Depending on what you're looking at, and what people are doing, you may
want to whitelist outgoing ports, something like 22,80,443, maybe 20/21
for ftp.

- andrewg



To unsubscribe: send mail to majordomo at wireless.org.au
with "unsubscribe melbwireless" in the body of the message



More information about the Melbwireless mailing list