HTTP Anti-Virus Proxy http://havp.hege.li/forum/ |
|
block download of executables / scan https webpages http://havp.hege.li/forum/viewtopic.php?f=3&t=524 |
Page 1 of 1 |
Author: | karesmakro [ 08 Mar 2010 11:14 ] |
Post subject: | Re: block download of executables / scan https webpages |
Hi ap_de and welcome to havp forum! your questions: a) block executable files is possible by squid self in beeing a little bit more restrictive on acl settings take a look at description for multimedia blocking http://www.squid-cache.org/mail-archive/squid-users/200812/0549.html and create instead of multimedia file types your own file extension list b) havp self is not able to scan https/ssl connection, cause of point to point encryption, but there is a way for example by apache and mod_proxy to let handle apache the encrypted requests. But this is quite more complicated there is an instruction to do so: http://havp.hege.li/forum/viewtopic.php?t=188 regards |
Author: | hege [ 08 Mar 2010 12:13 ] |
Post subject: | Re: block download of executables / scan https webpages |
If you really REALLY want to block ALL executables, you could use a ClamAV signature like this: Create file disallow.ndb or so in signature directory, containing line: Code: Executable.Not.Allowed:1:0:4d5a?? This will also match any executable in archives. |
Author: | TD-4242 [ 18 Jun 2010 18:48 ] |
Post subject: | Re: block download of executables / scan https webpages |
We're working on doing the https part of this as well using a custom sslproxy with dynamic certificate generation. This requires having a private CA loaded into all web browsers in the corporate network or you get invalid certifiate warnings. I'll post more as we work through it. |
Page 1 of 1 | All times are UTC + 2 hours [ DST ] |
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |