| HTTP Anti-Virus Proxy http://havp.hege.li/forum/ |
|
| Spyware http://havp.hege.li/forum/viewtopic.php?f=4&t=130 |
Page 1 of 1 |
| Author: | raj2569 [ 12 Jun 2006 16:50 ] |
| Post subject: | Spyware |
Hi, Is any one using HAVP to catch spyware/malware. Ideally HAVP should allow an unpatched IE user to browse with out getting all the spyware and other nasties getting installed with out their knowledge. Any one working in this direction? Also how many virus do you catch daily/weekly? regards, raj |
|
| Author: | hege [ 12 Jun 2006 17:06 ] |
| Post subject: | |
Not all scanners have signatures for spyware/adware. If you would like the ideal situation, you should atleast have 2 scanners in HAVP, and third at workstation (and probably even run something like Ad-Aware daemon too). But honestly, I don't think it's such a big deal. At work we have 500+ users, and I see maybe 2-5 viruses (mostly some javascript stuff) each week in log. Or perhaps our workers are well behaving and not surfing in bad places. 
Cheers, Henrik |
|
| Author: | raj2569 [ 12 Jun 2006 17:25 ] |
| Post subject: | |
hege wrote: Not all scanners have signatures for spyware/adware.  Actually I am thinking about having a spyware sig database for ClamAV. This will be very usefull with HAVP. Quote: we have 500+ users, and I see maybe 2-5 viruses (mostly some javascript stuff)
This was what I expected, virus as such is not a threat for a browser, but malware is. I know HAVP cannot do any thing about it, but HAVP can benefit enormously from having a good spyware sig for ClamAV! raj |
|
| Author: | hege [ 12 Jun 2006 17:45 ] |
| Post subject: | |
raj2569 wrote: Actually I am thinking about having a spyware sig database for ClamAV. This will be very usefull with HAVP.
I think many people have had the same idea, but nothing has come up yet. It would require lots of skilled people and spare time. You could do something like simple md5-signatures of installers, but I don't know how far that would lead.. Good luck.
Cheers, Henrik |
|
| Author: | raj2569 [ 13 Jun 2006 18:34 ] |
| Post subject: | |
Thanks
I am actually thinking on the line of having a clam av sig to identify browser help objects and other nasties let the users use white lists to add what they want. Don't know how far this will go but I am determined to give it a good push!
raj |
|
| Page 1 of 1 | All times are UTC + 2 hours [ DST ] |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|