>
> how can we roughly identify the virus on host machine by seeing squid
> access.log and cache.log
>
>
Turn on query-string logging and google the full URI which the client is
trying to connect to. Some virus have well-known attack URI, or analysis
by others published.
If you can't find anything for/against the URI squid is asked for, then
you will have to perform your own detective analysis. Squid itself can
only tell you what the URI to start with.
Good luck.
Amos
Received on Tue Apr 22 2008 - 14:13:59 MDT
This archive was generated by hypermail 2.2.0 : Thu May 01 2008 - 12:00:04 MDT