Our best defense in blocking virus and exploits on windows and Redhat
boxes has been.

1.) Block attachments
Block attachments, I use mime-defang, as a procmail plugin to sendmail.
I don't agree with using html mail instead of plain text messages.
Plain text is more secure then html mail, html can have javascript and
iframe exploits in it.

2.) Keep systems up to date.
        Windows SUSE update service as a domain policy. All systems auto
update  each night.
        On windows I run an antivirus on each desktop, and do a central
scan    of all computers every day, or however long it takes to scan 600
Redhat all systems use up2date to update very night, and load their rpms
off a central nfs server, to speed up the download.
        Add an entry to run up2date in /etc/cron.daily
        up2date -u -k /mnt/rpm/$RHVERSION --tmpdir /mnt/rpm/$RHVERION

3.) Turn off unneeded services.
I use /etc/hosts.allow to block all services from outside our subnet on
        On Redhat 8.0 I enable medium firewall using lokkit.
        On windows I auto-close fileshares with promiscuous share

4.) Consolidate servers.
        We try to run the minimal number of web server/email/ etc
services that are exposed to the internet.

> --Luke
> --Computer Science Sysadmin, MSU Bozeman 
> --admin(AT)cs.montana.edu 994-3931 

> ). Also, sending and receiving HTML mail as opposed to
> plain text ( I also picked this one for obvious
> reasons ). This can also drastically reduce problems.
> Sometimes it's the little things that matter.
> Sometimes we don't have control over things. Using
> portscan detection, libwrap options, virus stripping
> programs, attack fingerprint detection software and
> everything you can think of... that's protection. Not
> enough, but it's a start. To really securify and
> protect, you need protection in layers... multiple
> layers. Reading is the prevention you need.
> =====
> Kevin C. McConnell --RHCE-- <Red Hat Certified Engineer>
> __________________________________________________
> Do you Yahoo!?
> HotJobs - Search new jobs daily now
> http://hotjobs.yahoo.com/
> --
> Psyche-list mailing list
> https://listman.redhat.com/mailman/listinfo/psyche-list

Reply via email to