Hi, I have a project that I would like to do. I would like to add a server to my network that would act as a gateway that would have anti-virus/anti spam features. Just to tell you what I am looking for let me explain that I already have a main router that I am not willing to replace. I would like to have my connection look like: Internet -> main router -> THIS project -> switch -> clients. I would also like to make this gateway a mandatory gateway (two nics) My network is 192.168.1.0 on 255.255.255.0 My only problem is that I don't know where to begin. What I would like to find is a program that could inspect packets for information that is harmful, and how to implement it on a software/hardware level. Let me know if I am wasting time, or if this can't be done. Thank you.
Are you talking about email? You could set up fetchmail or getmail on that box to fetch emails from your users' external email accounts ( http://www.howtoforge.com/debian_etch_fetchmail & http://www.howtoforge.com/debian_etch_getmail ), and then you install Postfix and integrate amavisd_new into it: http://www.howtoforge.com/amavisd_postfix_debian_ubuntu Afterwards you tell your users to fetch their emails directly from the new server instead of from the external mail servers.
Actually no, I'm looking for a solution to better internet security. A server that will block spam and viruses that you might pickup browsing the web. Like squid with packet inspection. But a server that will handle all public traffic, not limited to web browsing. The solution that I am looking for doesn't need to have anything to do with email services. And if there is nothing like this, is there a way that I can have a server that will handle all public traffic like the illustration in my first post? Thank you for your reply.
Maybe using Squid and Dansguardian and direct all traffic through the webfilter? Can you explain further what you mean by "all" traffic, do you mean pop3, smtp, ftp, www etc?
Yes, thank you lando. When I say all traffic I meant every packet going to the public side to include all that you listed. What I am primarily concerned about however is www traffic (secure and non-secure). My clients do use ftp and pop/smtp; however www traffic generates most of the network usage. I was looking for a way to utilize anti-virus and anti-spam software with the squid proxy. We already have a working squid proxy being used. Thank you for your help.