Protecting FTP and SMTP

WinGate Proxy Server and other Qbik products

Switch to full style
Forum for support for the Kaspersky AntiVirus for WinGate plugin
Post a reply
Stewart
  • Stewart
  • Posts: 5
  • Joined: Nov 14 03 12:56 am

Protecting FTP and SMTP

Nov 14 03 1:08 am

Hi. I’ve just downloaded the new Kapersky AntiVirus for WinGate and it seems to be protecting my WWW traffic quite well (although it doesn’t seem to catch the test virus inside a zip).

On the Wingate server am running a number of other services including an SMTP server and an FTP server. Is there anyway I can protect traffic on these services with Kapersky AntiVirus and Wingate?
labull
  • labull
  • Posts: 710
  • Joined: Sep 06 03 1:03 am
  • Location: Washington, DC - USA

Nov 14 03 2:29 am

I believe only the integrated WinGate services are protected by KAV for WinGate.

Larry
Stewart
  • Stewart
  • Posts: 5
  • Joined: Nov 14 03 12:56 am

Nov 14 03 2:37 am

I suspected that might be the case but wondered if I could perhaps reroute traffic to the FTP server through WinGate first?
labull
  • labull
  • Posts: 710
  • Joined: Sep 06 03 1:03 am
  • Location: Washington, DC - USA

Nov 14 03 2:41 am

If they were on a different server I would think you could do that for both.

Might be doable with some fancy port mappings as is. Change the ports for the non-WinGate services to something other that their normal 25 & 21. Might just work!
Stewart
  • Stewart
  • Posts: 5
  • Joined: Nov 14 03 12:56 am

Nov 14 03 2:51 am

Not sure if the other programs will like that but I'll give it a go. Thanks for your help.
labull
  • labull
  • Posts: 710
  • Joined: Sep 06 03 1:03 am
  • Location: Washington, DC - USA

Nov 14 03 3:22 am

Let us know if you're successful. It will be a good reference for others.
Stewart
  • Stewart
  • Posts: 5
  • Joined: Nov 14 03 12:56 am

Partial success!

Nov 14 03 3:56 am

Creating an FTP proxy service and redirecting it to another port on the server (after reconfiguring the FTP server to talk on that port) does work but can’t handle PASV mode, which unfortunately, I need to support.

Doing the same for the local POP service (I figure I’ll leave the SMTP well alone and catch any viruses on the way to and from the client) seems to work OK. It won’t allow the server to deliver infected mails to the clients, however it does seem to allow infect mails to be sent from the clients to the server and out into the aether.
tim
  • tim
  • Posts: 109
  • Joined: Sep 03 03 2:53 pm

Re: Partial success!

Nov 17 03 2:02 pm

Stewart wrote:Creating an FTP proxy service and redirecting it to another port on the server (after reconfiguring the FTP server to talk on that port) does work but can’t handle PASV mode, which unfortunately, I need to support.

Doing the same for the local POP service (I figure I’ll leave the SMTP well alone and catch any viruses on the way to and from the client) seems to work OK. It won’t allow the server to deliver infected mails to the clients, however it does seem to allow infect mails to be sent from the clients to the server and out into the aether.


As long as WinGate is the default gateway for the client machines, and the have to use WinGate to get to the machine hosting the other services, then WinGate will redirect POP and FTP (and smtp in a way) up to the services for testing.
However its hard if you are on the same sub net as the server. In that Case I would assign an additional IP in a different subnet to that server machine, and one on the same subnet to WinGate, and point the clients to the servers new IP, forcing Wingate to route for it.

Tim
Post a reply
Switch to full style

Powered by phpBB © phpBB Group.

phpBB Mobile / SEO by Artodia.

Board index