R. van Twisk wrote:
The amount of resources needed to do real time scanning would be tremendous. I doubt it is feasible. A few simple ways to avoid viruses/worms/trojans:Hey Guys,
I know this is a bit off-topic but....
What would be 'the best' or most usuable way to scan all web trafic using Squid???
squid-vscan seem to be outdated. httpf seems to be outdated
or can I just 'use' them with Squid2.5STABLEx
1. Don't use Internet Explorer. I have this in my squid configuration to enforce this ban (both at home and at the office):
# exceptions to the No-IE rule acl BrowserException dstdomain .mozilla.org http_access allow BrowserException
# don't allow IE to access the internet deny_info ERR_BAD_BROWSER BadBrowser acl BadBrowser browser MSIE http_access deny BadBrowser
2. Scan all downloads before executing them.
3. Have the mail server refuse dangerous attachments such as .exe and .pif. Scan all others, especially .zip files.
4. Institute a policy of public hanging for anyone who executes dubious downloads.
-- Rossz
