You seriously block IE like this? Sounds like you are more worried about control than anything else...
-----Original Message----- From: Rossz [mailto:[EMAIL PROTECTED] Sent: Monday, July 05, 2004 ull 12:20 PM To: [EMAIL PROTECTED] Subject: Re: [OT} Virus scanner connected to squid R. van Twisk wrote: >Hey Guys, > > >I know this is a bit off-topic but.... > >What would be 'the best' or most usuable way to scan all web trafic >using Squid??? > > >squid-vscan seem to be outdated. >httpf seems to be outdated > >or can I just 'use' them with Squid2.5STABLEx > > > The amount of resources needed to do real time scanning would be tremendous. I doubt it is feasible. A few simple ways to avoid viruses/worms/trojans: 1. Don't use Internet Explorer. I have this in my squid configuration to enforce this ban (both at home and at the office): # exceptions to the No-IE rule acl BrowserException dstdomain .mozilla.org http_access allow BrowserException # don't allow IE to access the internet deny_info ERR_BAD_BROWSER BadBrowser acl BadBrowser browser MSIE http_access deny BadBrowser 2. Scan all downloads before executing them. 3. Have the mail server refuse dangerous attachments such as .exe and .pif. Scan all others, especially .zip files. 4. Institute a policy of public hanging for anyone who executes dubious downloads. -- Rossz
