[Firehol-support] Key loggers and others that communicate back to a base
costa at tsaousis.gr
Wed Sep 3 00:04:38 BST 2014
Firehol will do just fine allowing very specific services from your LAN
machines to the internet.
For HTTP/HTTPS I suggest installing a proxy and controlling the allowed URLs
there. So, direct layer 3 HTTP/HTTPS should not be allowed. Only through
the proxy. Firehol can also set up a transparent HTTP proxy for you (but not
HTTPS - HTTPS cannot be intercepted - the clients will have to be
configured to use the proxy for HTTPS).
On Wed, Sep 3, 2014 at 1:35 AM, Whit Blauvelt <whit at transpect.com> wrote:
> To the degree it can set what types of services you can be a client of,
> But if the key logger or whatever is using an HTTP(S) POST or GET to send
> your data across, and you allow HTTP(S) clients out over the firewall,
> you've still got trouble.
> You could allow only HTTP(S) clients to connect to specific IPs. For most of
> us, that would be a nonstarter. But if you wanted to have a system that
> could only connect to your bank, and your bank's at a fixed IP, you could
> easily do that.
> On Tue, Sep 02, 2014 at 08:45:14PM +0100, Robin wrote:
> > I feel I need to install a firewall and ubuntu comes with a very simple
> > but I noticed it did not stop outgoing comms, or provide for a white
> > dealing with communications going from key loggers, zombie machines,
> > Does firehol help in this regard?
> > _______________________________________________
> > Firehol-support mailing list
> > Firehol-support at lists.firehol.org
> > http://lists.firehol.org/mailman/listinfo/firehol-support
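A firehol.conf sketch of the setup described in the reply above, added here as an example and not taken from the thread or from the FireHOL project. The interface names (eth0 = internet, eth1 = LAN), the LAN subnet, the Squid port 3128, the "squid" user and the list of allowed services are all assumptions to adapt.

```conf
# Added example: egress allow-list with web access only through a proxy.
# Assumptions: eth0 = internet, eth1 = LAN 192.168.1.0/24, Squid runs on
# this firewall host as user "squid" and listens on port 3128.
# Add the "version" line your FireHOL release expects at the top.

# Redirect plain HTTP arriving from the LAN to the local Squid.
# HTTPS is not redirected; clients must be configured to use
# the proxy explicitly (this-host:3128) for HTTPS.
transparent_squid 3128 "squid" inface eth1 src 192.168.1.0/24

# LAN side of the firewall host: what LAN machines may ask of it.
interface eth1 lan src 192.168.1.0/24
    policy reject
    server "dns dhcp ssh" accept
    server squid accept            # explicit proxy use, needed for HTTPS

# Internet side of the firewall host: only what the host itself needs,
# including the proxy's own outbound web requests.
interface eth0 internet
    protection strong
    client "dns ntp http https" accept

# Traffic routed from LAN machines straight to the internet.
# Only the services listed here pass; http and https are deliberately
# absent, so direct web connections that bypass the proxy are dropped.
router lan2internet inface eth1 outface eth0
    masquerade
    route "ntp imaps smtps" accept
```

URL allow-listing itself is done in the proxy's ACLs, not in FireHOL; the firewall's job here is to make the proxy the only path for web traffic.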