With the nimda virus semi-behind now, I'm looking at a way of protecting
from something like this in the future. The only thought I've had so
far is a way of filtering out executables from being downloaded from the
web.
I've looked at some threads similar to this in the logs but I have some
questions. Is there any better way then using a url pattern match to
handle this? I know I can use url_regex \.eml or \.exe or any
executable but is this the right way to be doing it? I've noticed that
since I used it to filter .exe, I've had a few problem with people
browsing sites that use .exe for their cgi extension and squid will deny
the client even though it's not trying to download it.
Is using url_regex based acl's really the best way to be doing this?
Thanks for any input,
-Brian
-- Brian M Dial UNIX Systems Administrator Rummel, Klepper & Kahl, LLP Phone: 410.728.2900 x1329 Cell: 410.598.0742 http://www.rkkengineers.comReceived on Tue Sep 25 2001 - 14:08:21 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:02:29 MST