December 9th, 2001, 08:39 PM
I have a strange problem with an internetgateway that I admin:
It's an P166, 48 MB Ram, Quantum 2.1 Gb HDD, 2 NIC's 1 for internet it's a Realtek and 1 for the LAN it's a 3Com, the box is running win95 (2nd. version) (I feel some shame now) and Ositis 4.0 webproxy.
When a Win2K pc on the internal LAN get's infected with some idiot worm (Badtrans) the gateway intercepts this worm in his cache and doesn't allow the pc with the worm to recieve / send for a while. But then it goes wrong the proxy won't let that IP on the internet again. I have to restart the proxy everytime when such a worm occurs on a win2k box in the LAN.
December 9th, 2001, 09:03 PM
I've never used Ositis webproxy but off-hand two things come to mind:
1. You windows machines needs to have some antivirus software on it that prevents it from re-infecting itself. This will save you from further problems down the road
2. It shoulds like the proxy is putting in a rule-set that prevents the server from getting out, irregardless of infection. You should probably check the webproxy software for a rules area to see where its set and how to undo it. Alternatively it might be screwing up the route table info. Type in a DOS window route print to see what your print table is.
Hope this helps or leads you in the right direction.
December 9th, 2001, 10:20 PM
never heard of Ositis before, but on all the proxies (4/5) that ive seen you can block or delete messages with attachnent extentions of .pif, ,vbs, .js etc. you can also put AV on the nodes
In other words stop the problem before it starts, there's no excuse for letting this go on.
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
December 9th, 2001, 10:28 PM
Windows 95 is NOT the best OS for the firewall. Since Ositis requires 2 network cards, you should be using NT Workstation 4 (SP6a) minimun.
We had major problems trying it on Windows 98. NT4 Workstation was flawless.
And I presume you enable the A/V portion of Ositis ? There is one year of A/V updates included.
December 9th, 2001, 10:46 PM
MsMittens: I do have some antivirus tool on the windows machines and they get updated every week but there are always new worms before the updates and someway the gateway crashes even if the win boxes didn't get infected.
dcongram: The machine is not equiped with enough RAM to run NT4 sp6a proper. I have the antivirus tool from Ositis installed (running and updated) and I think there is some problem with this tool: it tries to remove the virus or worm and then I get problems.