Re: [squid-users] File extension blocking rules

From: Odhiambo WASHINGTON <[email protected]>
Date: Thu, 18 May 2006 16:37:29 +0300

* On 18/05/06 09:54 -0300, Leonardo Rodrigues Magalh�es wrote:
|
|
| Odhiambo WASHINGTON escreveu:
| >It's time to integrate a true content filter, like Dansguardian[1],
| >which will (when integrated with an Anti-virus) do real scanning of
| >all content. Squid can then do what is was born for - caching/proxying.
| >
|
| Yes, great tip ..... but unfortunelly most of the antivirus will
| fail to catch most of those worms that are being sent in .scr links on
| emails these days ...
|
| I have tested several of these worms, collected in my users
| messages, and scanned with clamav McAfee and Norton .... it was nearly a
| completly failure.
|
| I agree that integrating squid with antivirus is great, but it's
| wrong to think that this will keep you free from these kind of shit that
| will reach your network/users through http ...... Unfortunelly, but at
| least in my tests, completly true.

Okay, here is something else that I use in conjunction with squid...if
you think dansguardian is the wrong thing ;)

In my squid.conf:

# Malware download sites - see http://www.malware.com.br
acl malware_block_list url_regex -i "/usr/local/etc/squid/malware_block_list.txt"

http_access deny malware_block_list
deny_info http://malware.hiperlinks.com.br/denied.shtml malware_block_list

And the attached script, run via cron at a time of your choice.

-Wash

http://www.netmeister.org/news/learn2quote.html

DISCLAIMER: See http://www.wananchi.com/bms/terms.php

--
+======================================================================+
    |\      _,,,---,,_     | Odhiambo Washington    <wash@wananchi.com>
Zzz /,`.-'`'    -.  ;-;;,_ | Wananchi Online Ltd.   www.wananchi.com
   |,4-  ) )-,_. ,\ (  `'-'| Tel: +254 20 313985-9  +254 20 313922
  '---''(_/--'  `-'\_)     | GSM: +254 722 743223   +254 733 744121
+======================================================================+
	*** System shutdown message from root ***
System going down in 60 seconds

Received on Thu May 18 2006 - 07:37:42 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Jun 01 2006 - 12:00:02 MDT