Re: Antivirus on SQUID

From: N407ER (n407er_at_myrealbox.com)
Date: 06/30/03

  • Next message: Michael Sconzo: "Re: Default Snort configuration on Win32 .. Not detecting SubSeven and other stuff?"
    Date: Mon, 30 Jun 2003 12:16:08 -0400
    To: ziggy@one2net.co.ug
    
    

    I suspect what he wants is filtering on Squid to protect his users from malicious HTML and other web-based vulnerabilities. Unfortunately, I don't know of anything with Squid with these capabilities. Privoxy may suit your needs; it's really an anti-banner-ad/privacy-enhancing proxy, but its pretty flexible (and can be run on a proxy server for multi-user use--I think it even supports ACLs now.

    Sorry that I can't be of more help, but maybe someone else knows? I would say at the very least you could--at the client level or with some very basic filtering on the proxy--just remove scripts, activex, and the like.

    I don't think, unfortunately, that you'll ever be able to define the whole world of web browser vulnerabilities enough that you can securely block them without blocking some legit uses as well, so anything is going to be a sacrifice for the users.

    Good luck.

    On Fri, 27 Jun 2003 19:37:26 +0300 (EAT)
    "David Ziggy Lubowa" <ziggy@one2net.co.ug> wrote:

    >
    > i think what you need is an AV on your mail server not on squid, try out
    > Amavis on your mail server. Squid just does http requests on behalf of
    > everything behind it unless you run a mail server on your squid server
    > which is not a good idea.
    >
    >
    >
    > > Hi,
    > >
    > > I am running Squid and would like to know some ways i can intergrate
    > > Virus Scanning in the package. I am using RedHat 9.0 as the OS. I would
    > > like to stop Virus's being transmitted onto our staff via HTML etc.
    > >
    > > If possible a free anti-virus :-)
    > >
    > > Regards,
    > >
    > > Nhadie
    > >
    > >
    > >
    > >
    > > --------------------------------------------------------------------------
    > -
    > > Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top
    > > analysts! The Gartner Group just put Neoteris in the top of its Magic
    > > Quadrant, while InStat has confirmed Neoteris as the leader in
    > > marketshare.
    > >
    > > Find out why, and see how you can get plug-n-play secure remote access
    > > in about an hour, with no client, server changes, or ongoing
    > > maintenance.
    > >
    > > Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
    > > --------------------------------------------------------------------------
    > --
    >
    >
    > --
    > David Ziggy Lubowa
    > Network Engineer
    > One2net
    > -----------------------------------
    > A Network Of People And Technology
    >
    >
    >
    > ---------------------------------------------------------------------------
    > Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
    > The Gartner Group just put Neoteris in the top of its Magic Quadrant,
    > while InStat has confirmed Neoteris as the leader in marketshare.
    >
    > Find out why, and see how you can get plug-n-play secure remote access in
    > about an hour, with no client, server changes, or ongoing maintenance.
    >
    > Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
    > ----------------------------------------------------------------------------
    >
    >

    ---------------------------------------------------------------------------
    Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
    The Gartner Group just put Neoteris in the top of its Magic Quadrant,
    while InStat has confirmed Neoteris as the leader in marketshare.
         
    Find out why, and see how you can get plug-n-play secure remote access in
    about an hour, with no client, server changes, or ongoing maintenance.
              
    Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
    ----------------------------------------------------------------------------


  • Next message: Michael Sconzo: "Re: Default Snort configuration on Win32 .. Not detecting SubSeven and other stuff?"

    Relevant Pages

    • RE: ASP Pages
      ... in addition to that you could enforce a high-bit password for FTP and ... perhaps remove your Plain Text FTP server and ... >> The Gartner Group just put Neoteris in the top of its Magic Quadrant, ...
      (Security-Basics)
    • RE: New trojan turns home PCs into porno Web site hosts
      ... > home computers under his control. ... it is only these other machines running the DNS services that can't ... >> The Gartner Group just put Neoteris in the top of its Magic ... > about an hour, with no client, server changes, or ongoing maintenance. ...
      (Security-Basics)
    • RE: Commerical Anti-Virus for Unix Machines
      ... Vexira make file server and mail server anti virus for different flavors ... > Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! ... > about an hour, with no client, server changes, or ongoing maintenance. ...
      (Security-Basics)
    • Re: Ten least secure programs
      ... Holes are found in Apache, like a lot of other programs... ... Server administration, security, programming, consulting. ... The Gartner Group just put Neoteris in the top of its Magic Quadrant, ... and see how you can get plug-n-play secure remote access ...
      (Security-Basics)
    • Re: Ten least secure programs
      ... > secured Windows server is more secure than a non-secured Linux server, ... > error or default setting and that comes down to a lame sys admin. ... > The Gartner Group just put Neoteris in the top of its Magic Quadrant, ...
      (Security-Basics)