I'm looking at deploying Squid with filtering using malware blacklists
from
www.bleedingsnort.com
www.malware.com.br
www.shadowserver.org/cc.php
and possibly some other limited blacklists.
We will only be filtering for malware/spyware etc.. No other content
filtering is required, so we want to avoid using SquidGuard or similar.
The shadowserver.org and bleedingsnort.com lists could easily be
integrated as dstdomain acl, but the malware.com.br is a regex_url list
and I don't want to take the performance hit using a regex_url acl. So
the idea was to try and use a redirector like asqredir for the regex_url
files.
I also want to use the dnsbl_redir to check dns blacklists (which
potentially could replace the dstdomain acl as well if that is of any
performance benefit). Problem is to use the two redirectors at the same
time. If we used dnsbl_redir as an external_acl_type (after some
modification) and leave asqredir as the redirector, we should be in
business? I expect the dnsbl_redir has a lower overhead as a helper
application than asqredir would if changed into a external acl helper,
or does that not matter? Have anyone tried this?
Both the asqredir and dnsbl_redir compile under cygwin, so it doesn't
seem to be a problem to get the to work with the windows version of
squid, which is a requirement for us (although we have only done some
basic testing on it).
Best Regards,
Thomas Nilsen
Linux - The umltimate Windows service pack
DISCLAIMER:
This message contains information that may be privileged or confidential and is the property of the Roxar Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorised to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message.
Received on Thu Aug 31 2006 - 07:06:59 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Sep 01 2006 - 12:00:02 MDT