HTTP Anti-Virus Proxy

Hi, I'm tryin to open a html page which have a virus (and I know that
The problem is that I still want to get the info on page, but because of the virus havp blocked it at all.
Is possible anyway to get the rest of the page (so havp stop only suspicious and virus files - js,vbs.. etc.)?

It is not really possible, because everything we do is match patterns from some file, which happens to be a complete html-page in this case. It would require huge modifications if we wanted to actually modify the pages and remove javascript etc.. and since we only match patterns, actually we wouldn't even know what to remove to disinfect the page.

I don't know if using Privoxy would help in this case. It can detect some malicious javascript and remove it.

Cheers,
Henrik

thanks

If you really want to download the page, try getting it with a non-interpreting HTTP client like CURL. You can get the HTML into a text file and look at the it with a text editor to find what you want.

Naturally you would have to whitelist the page first..

Cheers,
Henrik

It obviously depends on the exact configuration, but I was more thinking of bypassing HAVP somehow. If you have multiple users, then whitelisting the page (even temporarily) could expose unsuspecting users to the virus.

It's likely to be harder to bypass HAVP if it is forcibly interposed on port 80 on the Internet gateway. On the other hand, if HAVP is listening on a different port, then it is easy to bypass (unless a firewall prevents it).