Configuration a: P3scan on a gateway/router

Characteristics:
- intercept traffic of all clients on a subnet connected to this gateway/router
- redirect it (with iptables) to P3scan installed on this host
- this host is physically between the client and the POP3 server

P : pop3 server
G : gateway/router
S : switch/hub
C : client

p3scan and redirection on gateway

Note:
The POP3 server does not have to be on the Internet: it can be anywhere. What matters here is that the gateway which intercepts the POP3 traffic and does the scanning is physically between the client and the POP3 server.

This configuration has one big advantage: you only have to install p3scan and configure the redirection on one host (the gateway) to enable scanning for a complete network.
A disadvantage is that you put extra load on the gateway by giving it extra tasks. The main task of a gateway is to route all kinds of electronic traffic, and that task may get a lower priority. Further, there is a small risk (which is always there) that the programs involved in the scanning cause a crash of the gateway. This has nothing to do with the kind of scanning, but is true in general: the more software running on a host, the greater the risk of a crash. This is especially true for hosts connected directly to the Internet or any other network you can't trust, where attempts can be made to crash the host deliberately. A crash is catastrophic for all the users and computers "behind" the gateway: if the gateway has crashed, nobody is able to connect to the Internet anymore. This may be a reason to let an internal host do all the scanning.

Configuration of p3scan.

P3scan has to be installed on the gateway. p3scan has to listen to the local address

Configuration of iptables on gateway

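I assume that iptables is already installed on the gateway (how else can the router do its work?). To send all the POP3 traffic through p3scan, add an extra rule, where $LOCAL_INTERFACE is the interface on which the clients' traffic arrives. The table name is case-sensitive and must be written in lower case (nat):


iptables --table nat --append PREROUTING --protocol tcp --in-interface "$LOCAL_INTERFACE" --dport pop3 --jump REDIRECT --to-ports 8110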
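
To confirm that the redirect is in place and limited to the client-facing interface, the following check can be run over the output of `iptables -t nat -S PREROUTING`. It is an added example, not part of the original page or of p3scan; the interface name eth1 and the sample rule lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit NAT PREROUTING rules for the POP3 -> p3scan redirect.
# Input format is what `iptables -t nat -S PREROUTING` prints, where
# "--dport pop3" appears as "--dport 110" and "--to-ports" is spelled out.

# check_pop3_redirect IFACE PORT   (rules are read from stdin)
# Prints one verdict word and returns:
#   0 "ok"        POP3 is redirected to PORT and the rule is bound to IFACE
#   1 "missing"   no usable POP3 redirect to PORT was found
#   2 "unscoped"  redirect exists without an interface match, so POP3
#                 arriving on any interface is sent to p3scan
check_pop3_redirect() {
    iface=$1 port=$2 verdict=missing
    while IFS= read -r rule; do
        # Pad with spaces so every option can be matched as a whole word.
        case " $rule " in *" -A PREROUTING "*) ;; *) continue ;; esac
        case " $rule " in *" ! "*) continue ;; esac   # negated matches are skipped, not interpreted
        case " $rule " in *" -p tcp "*) ;; *) continue ;; esac
        case " $rule " in *" --dport 110 "*) ;; *) continue ;; esac
        case " $rule " in *" -j REDIRECT --to-ports $port "*) ;; *) continue ;; esac
        case " $rule " in
            *" -i $iface "*) verdict=ok; break ;;
            *" -i "*) ;;                  # bound to some other interface
            *) verdict=unscoped ;;        # keep looking for a scoped rule
        esac
    done
    echo "$verdict"
    case $verdict in ok) return 0 ;; missing) return 1 ;; *) return 2 ;; esac
}

# Constructed sample: a web-proxy redirect plus the POP3 redirect on eth1.
SAMPLE_RULES='-P PREROUTING ACCEPT
-A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A PREROUTING -i eth1 -p tcp -m tcp --dport 110 -j REDIRECT --to-ports 8110'

printf '%s\n' "$SAMPLE_RULES" | check_pop3_redirect eth1 8110
```

On a live gateway the same function is fed with `iptables -t nat -S PREROUTING | check_pop3_redirect eth1 8110`, using the real client-facing interface name.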