From: Kari M. <ka...@tr...> - 2005-09-08 21:41:58
|
Bruce Smith wrote: > Has anyone actually tried the program? > I'd like to hear how well it really works (or not). Sorry, I cannot help here. > Also, I see there are some other AV addons for squid listed on the > http://www.clamav.net/3rdparty.html#webftp page mentioned. =20 > Is this one the "best" one for DL? Dunno. Se below.. > Also, looking at the docs, it appears that it does not work directly > with squid, but it's a standalone proxy server and squid can be setup t= o > proxy it's traffic through it. Not the best way to integrate it with > Squid, IMO. True, but this gives the option not to cache, but just filter/check for=20 viruses, and you can get by without Squid. > I'm curious why you picked this one over the others listed?=20 Good question :-) > (unless you don't plan on using Squid, then I understand) > As you can probably tell, I use and like Squid. :-) I like Squid too. It is just not required in all installations. I go through all the choices on the above mentioned clamav page: DansGuardian Anti-Virus Patch - takes the Virus Scanning capabilities of=20 ClamAV and integrates them into the content filtering web proxy=20 DansGuardian. Latest: Antivirus plugin stable version 6.4.3 for DansGuardian 2.8.0.6 I'm not sure if this DansGuardian 2.8.0.6 is a proxy which has to be=20 installed, too. OK. This one looks good feature-wise, but that additional requirement...=20 Hmm... Frox - Frox is a transparent ftp proxy. Not for the intended usage? Otherwise, Frox might be a nice addon, if ftp proxy is required. ...or does Squid do ftp proxying really well nowadays? HAVP - proxy with an antivirus filter. It does not cache or filter=20 content. At the moment the complete traffic is scanned. A reason for=20 that is the chance of malicious code in nearly every filetypes e.g. HTML=20 (JavaScript) or Jpeg. mod_clamav - Apache virus scanning filter Not for the intended usage. ClamAV module for ProFTPD - This is an add on module for ProFTPD Not for the intended usage. SafeSquid - if I understand right, the free version is a cache only, and=20 does not have ClamAV support. Commercial version has it all. If I'm wrong, the this might be the best one. SquidClamAV Redirector - 404 Not Found ... Squidclam - this is really not ready yet Viralator - Viralator is a perl script that virus scans http downloads=20 on a linux server after passing through the squid proxy server. Future Enhancements: 1. Remove the use of Wget and use LWP Perl module to download the files 2. Fix Internet Explorer anonomous FTP problem 3. Fix websites that use .exe as a web page extension So, DansGuradian HAVP SafeSquid These are the only three options I see. If DG requires another proxy to be installed, and SS does not have=20 ClamAV support in the free version, we only have HAVP left. > - BS >=20 >=20 >=20 >=20 >>You got my OK. >>Anybody wants to submit a patch? >> >>Heiko >> >>On Thu, September 8, 2005 15:45, Kari Mattsson wrote: >> >>>from their web site: >>> >>>HAVP (HTTP Antivirus Proxy) is a proxy with a ClamAV anti-virus scanne= r. >>>The main aims are continuous, non-blocking downloads and smooth scanni= ng >>>of dynamic and password protected HTTP traffic. Havp antivirus proxy h= as a >>>parent and transparent proxy mode. It can be used with squid or >>>standalone. >>> >>># HTTP Antivirus proxy >>># Scans complete incomming traffic >>># Nonblocking downloads >>># Smooth scanning of dynamic and password protected traffic >>># Can used with squid or other proxy >>># Parent proxy support >>># Transparent proxy support >>># Logfile >>># Process change to defined user and group >>># Daemon >>># Use Clamav (GPL antivirus) >>># Operating System: Linux >>># Written in C++ >>># Released under GPL >>> >>> >>>http://www.server-side.de/index.htm >>> >>> >>>I think this really would add something very unique to DL: >>>I've been searching for a CD-based Linux with realtime http traffic >>>virus scanning. None found so far. >>> >>>The external boxes from Panda/TrendMicro/etc. are hideously expensive. >>>A DL box would be more suitable for many organisations. >>> >>> >>>OK. Those expensive boxes do more, but still.. >>> >>> >>>I found this HAVP from http://www.clamav.net/3rdparty.html#webftp >>> >>> >>>The source download is less than 600 KB. >>> >>> >>>This is a Request For Comment :-) >>> >>> >>> >>>Terveisin/With kind regards/Med h=E4lsningar/Lugupidamisega, >>> >>> >>>Kari Mattsson >>> >=20 >=20 >=20 >=20 > ------------------------------------------------------- > SF.Net email is Sponsored by the Better Software Conference & EXPO > September 19-22, 2005 * San Francisco, CA * Development Lifecycle Pract= ices > Agile & Plan-Driven Development * Managing Projects & Teams * Testing &= QA > Security * Process Improvement & Measurement * http://www.sqe.com/bsce5= sf > _______________________________________________ > Devil-linux-develop mailing list > Dev...@li... > https://lists.sourceforge.net/lists/listinfo/devil-linux-develop >=20 Terveisin/With kind regards/Med h=E4lsningar/Lugupidamisega, Kari Mattsson Trivore Corp. |