Security Basics mailing list archives

Re: Laptop Endpoint Security

From: Nikhil Wagholikar <visitnikhil () gmail com>
Date: Thu, 21 May 2009 14:07:40 +0530

Hi John Drakes,

May be you can give a try to an open source  web content filtering
solution (which runs only on UNIX/Linux) named 'Dansguardian'.

From the source:


DansGuardian is an award winning Open Source web content filter which
currently runs on Linux, FreeBSD, OpenBSD, NetBSD, Mac OS X, HP-UX,
and Solaris. It filters the actual content of pages based on many
methods including phrase matching, PICS filtering and URL filtering.

More Info: http://dansguardian.org/?page=whatisdg
Detailed Info: http://dansguardian.org/?page=introduction

Hope this helps.

---
Nikhil Wagholikar
Practice Lead | Security Assessment & Digital Forensics
Network Intelligence (India) Pvt. Ltd. [NII Consulting]
Web: http://www.niiconsulting.com/
Comprehensive Information Security Trainings
http://iisecurity.in/courses/Training%20Calendar.html

2009/5/20 John Drakes <tornado579 () gmail com>


Hi All,

Our company was evaluating Websense Remote filtering tool for our
laptop users so that we can enforce the Internet security policy on
the laptops.
But while doing Risk assessment it was noticed that if the hacker is
able to compromise the Websense Remote Filtering server in the DMZ he
may try to get into the internal LAN since the direct connection is
established between DMZ machine and the internal server for doing user
based filtering with the help of Active Directory.This is a risk.

I wanted your suggestions on the following:

1. What are the other products which can be evaluated for internet filtering?

2. What are the chances of the above risk materializing ?

3. Any other best practices you can suggest?


Thanks in advance.

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most 
concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. 
Gain a laser like insight into what is covered on the exam, with zero fluff!

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most 
concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain 
a laser like insight into what is covered on the exam, with zero fluff!

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------

Current thread:

Laptop Endpoint Security John Drakes (May 20)
- Re: Laptop Endpoint Security Nikhil Wagholikar (May 21)
- Re: Laptop Endpoint Security aditya mukadam (May 22)
  - RE: Laptop Endpoint Security Ravi (May 28)
- <Possible follow-ups>
- Re: Laptop Endpoint Security admin (May 28)