> > hello gurus,
> >
> > Is it possible to stop spyware entering in to the
> > network with help of squid.
> >
>
> Basically not because SQUID , only deals with the http transport
> layer. You can use , a virus scanning box ; in as a parent for
> your SQUID sever.
>
> Use adequate anti virus protection on every PC; which has
> access to the Internet , proxy-based or not.
>
> The term virus is ment in a broadened meaning here; i.e. modern
> anti-virus sellers include spyware blocking too into there product(s).
>
> M.
I do agree with Mark, in terms of using adequate malware protection
(malware was the term decided upon to include any software that's
malicious: spyware, adware, grayware, viruses, trojans, etc) primarily for
this problem.
However, proxying the network's traffic is an excellent way to "control"
things. There are quite a few blacklist databases out there which you can
plug into squid.
I personally use SquidGuard to do it. The few occasions at which our
proxy server is down, the users notice it because malware manages to
affect their machines. Unfortunately I don't feel like the databases are
updated often enough. This is mainly because malware is an exponential
problem and it's incredibly hard to keep up with.
I'm putting a project team together to specifically set up a database
which manages malware sources more efficiently. Currently, the database
will be built for squidguard, because I like the simplicity of SquidGuard.
I've heard DansGuardian is "better" because it's more feature-rich.
Additionally, you can check out
http://www.squid-cache.org/related-software.html
There's all kinds of options out there.
On a side-note, if anyone is interesting in working on my source database,
please let me know off-list.
Regards,
Tim Rainier
Received on Fri Jan 06 2006 - 10:06:36 MST
This archive was generated by hypermail pre-2.1.9 : Wed Feb 01 2006 - 12:00:01 MST