[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Tuesday 13 December 2005 7:59 pm, Thomas Arrow wrote: > Ok I have recently set myself up a nice squid proxy for my whole house > to use. Now I thought to try and protect the doze machines I would stop > people from downloading *.exe and *.bat etc... Sounds a bit like re-inventing the wheel on that one. There are existing packages that can remove malware from incoming streams. The principle problem in this area is email and once that is covered, what are people going to be downloading? Most people don't go to malware sites knowingly. > But here will obviously > be some things that need to be downloaded on those machines that are exe > files. So I want to try and redirect them to a page that says all the > stuff about viruses and things like are you sure you want to download > this etc... If someone deliberately navigates to a website and clicks on a download, they are likely to just click Yes anyway. What you need to catch are phishing attacks that start as email inviting you to go to a different website. If the user doesn't realise that this is a false site, they'll click Yes. If they do realise, they won't click anyway. If you put clamAV or similar on your incoming email, use spamassassin and filter spam out of their inboxes, you shouldn't need to hack Squid directly. From the link Paul posted, this would seem to fill any other gaps: Malware Block List The Malware Block List is a free, automated and user contributed system for checking URLs for the presence of Viruses, Trojans, Worms, or any other software considered Malware. http://www.squid-cache.org/related-software.html -- Neil Williams ============= http://www.data-freedom.org/ http://www.nosoftwarepatents.com/ http://www.linux.codehelp.co.uk/
Attachment:
pgpcbLzv5LUJs.pgp
Description: PGP signature