I would look into aim pro it works with outlook :-)
Printable View
I would look into aim pro it works with outlook :-)
oofki,
After you have considered regulatory compliance and what the effects of a compromise of patient confidentiality would have on this medical practice, you would not really recommend that would you? :shocked:
And that is before the lawyers and other reptiles start to go into a feeding frenzy.:eek:
This is a regulatory high security environment............... you cannot behave like a normal commercial environment?
A bit like the Financial Sector who have Sarbanes-Oxley?
I would guess I would go for:
1. A strict AUP that at least feigns compliance.
2. A security policy that supports this, and the regulations.
3. A lockdown setup that enforces #1 & #2 above.
4. A monitoring system that checks for infringements of the above.
This is a medical practice........... I guess the partners are on at least $200,000 a year? In that case you will be supported, trust me ;)
iptabels -L -n DROP all -- 216.178.38.116 0.0.0.0/0
or
ip route add 216.178.38.116 via 127.0.0.1
The3ntropy , I am unsure of what you mean; is it that you are drunker then I ?
Oh wait, I'm sober! ( remind me to fix that. )
Providing these commands can be used on the router in use ( I think from a prior thread it may be a Netgear wireless? ) Oh well, let's cover these anyway.
( note: spelling counts using command line -- it is iptables, not iptabels )Quote:
iptabels -L -n DROP all -- 216.178.38.116 0.0.0.0/0
I read this as:
list iptables entries ( iptabels -L ), in numeric format (-n), disjointed target from unknown chain ( DROP ), all protocols ( all ), disjointed hyphens ( -- ), net-address ( 216.178.38.116 ), then disjointed address ( 0.0.0.0 ) that has a netmask of 0.0.0.0 ( /0 )
That makes no sense. I think what you meant was something like
iptables -I FORWARD -d 216.178.32.0/20 -j DROP
or
iptables -I FORWARD -d 216.178.32.0/20 -j REJECT
These would add the rule to the FORWARD chain.
Notice the Netrange used, this discussed more below.
Notice too I did not use the -A, but the -I.
The reason for this is we do not know what rules are already in place, and appending the rule to the end of the chain ( using -A ) may be moot if there is already a rule before it that allows the forwarding of the packets. Inserting the rule ( using the -I ) without a rule number specified places the rule at the head of the chain. This should work, providing the default FORWARD policy is DROP!
Of course, a reboot would nullify the addition to iptables unless you had saved it in some manner, but that is another topic.
This might be a useful tactic during a specific DOS attack, but you are limited to a specific address here, that of profile.myspace.com. It does not stop anything else from Myspace from being accessed.Quote:
ip route add 216.178.38.116 via 127.0.0.1
If you want to use routing tables, why not something like
ip route add prohibit 216.178.32.0/20
or better yet
ip route add unreachable 216.178.32.0/20
These would block a bit more of the Myspace netrange?
you say tables, I say tabels
alias iptabels='iptables'
last night I felt helpful so was reading some stuff on here, first line was a sad attempt to drop all packets from the root myspace ip
second was just null-routing all packets to the ground; if you 'prohibit' or 'unreachable' packets it takes more cpu time to make the decision of what to do with the packet (from my experiences at least with heavy DRDoS attacks)
Actually, I am on vacation, so I say
pour me another drink!:drink:
I have to go over there and setup the wireless 'security' on the netgear router and also, clean out both PC's and notebook. Since they all run very slow and seems to be infected with spyware/malware etc...
also, have to install a label maker on workstation 1. Have to be there at 12:30 it's 9:45 here.
I will post later results.