From: Kari M. <ka...@tr...> - 2005-09-08 21:59:00
|
I'll continue myself, see below: Kari Mattsson wrote: > Bruce Smith wrote: >=20 >> Has anyone actually tried the program? >> I'd like to hear how well it really works (or not). >=20 >=20 > Sorry, I cannot help here. >=20 >> Also, I see there are some other AV addons for squid listed on the >> http://www.clamav.net/3rdparty.html#webftp page mentioned. Is this=20 >> one the "best" one for DL? >=20 >=20 > Dunno. Se below.. >=20 >> Also, looking at the docs, it appears that it does not work directly >> with squid, but it's a standalone proxy server and squid can be setup = to >> proxy it's traffic through it. Not the best way to integrate it with >> Squid, IMO. >=20 >=20 > True, but this gives the option not to cache, but just filter/check for= =20 > viruses, and you can get by without Squid. >=20 >> I'm curious why you picked this one over the others listed?=20 >=20 >=20 > Good question :-) >=20 >> (unless you don't plan on using Squid, then I understand) >> As you can probably tell, I use and like Squid. :-) >=20 >=20 > I like Squid too. It is just not required in all installations. >=20 > I go through all the choices on the above mentioned clamav page: >=20 > DansGuardian Anti-Virus Patch - takes the Virus Scanning capabilities o= f=20 > ClamAV and integrates them into the content filtering web proxy=20 > DansGuardian. > Latest: Antivirus plugin stable version 6.4.3 for DansGuardian 2.8.0.6 > I'm not sure if this DansGuardian 2.8.0.6 is a proxy which has to be=20 > installed, too. > OK. This one looks good feature-wise, but that additional requirement..= .=20 > Hmm... >=20 > Frox - Frox is a transparent ftp proxy. > Not for the intended usage? > Otherwise, Frox might be a nice addon, if ftp proxy is required. > ...or does Squid do ftp proxying really well nowadays? >=20 > HAVP - proxy with an antivirus filter. It does not cache or filter=20 > content. At the moment the complete traffic is scanned. A reason for=20 > that is the chance of malicious code in nearly every filetypes e.g. HTM= L=20 > (JavaScript) or Jpeg. >=20 > mod_clamav - Apache virus scanning filter > Not for the intended usage. >=20 > ClamAV module for ProFTPD - This is an add on module for ProFTPD > Not for the intended usage. >=20 > SafeSquid - if I understand right, the free version is a cache only, an= d=20 > does not have ClamAV support. Commercial version has it all. > If I'm wrong, the this might be the best one. >=20 > SquidClamAV Redirector - 404 Not Found ... >=20 > Squidclam - this is really not ready yet >=20 > Viralator - Viralator is a perl script that virus scans http downloads=20 > on a linux server after passing through the squid proxy server. > Future Enhancements: > 1. Remove the use of Wget and use LWP Perl module to download the files > 2. Fix Internet Explorer anonomous FTP problem > 3. Fix websites that use .exe as a web page extension >=20 >=20 > So, >=20 > DansGuradian > HAVP > SafeSquid >=20 > These are the only three options I see. >=20 > If DG requires another proxy to be installed, and SS does not have=20 > ClamAV support in the free version, we only have HAVP left. SafeSquid only allows commercial use with theis $50 commercial version of the software. So, ignore it here. DansGuardian, on the other hand, looks good... but: http://dansguardian.org/?page=3Dcopyright2 So the situation is about the same as with SafeSquid. In the end: go for HAVP. >> - BS >> >> >> >> >>> You got my OK. >>> Anybody wants to submit a patch? >>> >>> Heiko >>> >>> On Thu, September 8, 2005 15:45, Kari Mattsson wrote: >>> >>>> from their web site: >>>> >>>> HAVP (HTTP Antivirus Proxy) is a proxy with a ClamAV anti-virus=20 >>>> scanner. >>>> The main aims are continuous, non-blocking downloads and smooth=20 >>>> scanning >>>> of dynamic and password protected HTTP traffic. Havp antivirus proxy= =20 >>>> has a >>>> parent and transparent proxy mode. It can be used with squid or >>>> standalone. >>>> >>>> # HTTP Antivirus proxy >>>> # Scans complete incomming traffic >>>> # Nonblocking downloads >>>> # Smooth scanning of dynamic and password protected traffic >>>> # Can used with squid or other proxy >>>> # Parent proxy support >>>> # Transparent proxy support >>>> # Logfile >>>> # Process change to defined user and group >>>> # Daemon >>>> # Use Clamav (GPL antivirus) >>>> # Operating System: Linux >>>> # Written in C++ >>>> # Released under GPL >>>> >>>> >>>> http://www.server-side.de/index.htm >>>> >>>> >>>> I think this really would add something very unique to DL: >>>> I've been searching for a CD-based Linux with realtime http traffic >>>> virus scanning. None found so far. >>>> >>>> The external boxes from Panda/TrendMicro/etc. are hideously expensiv= e. >>>> A DL box would be more suitable for many organisations. >>>> >>>> >>>> OK. Those expensive boxes do more, but still.. >>>> >>>> >>>> I found this HAVP from http://www.clamav.net/3rdparty.html#webftp >>>> >>>> >>>> The source download is less than 600 KB. >>>> >>>> >>>> This is a Request For Comment :-) >>>> >>>> >>>> >>>> Terveisin/With kind regards/Med h=E4lsningar/Lugupidamisega, >>>> >>>> >>>> Kari Mattsson >>>> >> >> >> >> >> ------------------------------------------------------- >> SF.Net email is Sponsored by the Better Software Conference & EXPO >> September 19-22, 2005 * San Francisco, CA * Development Lifecycle=20 >> Practices >> Agile & Plan-Driven Development * Managing Projects & Teams * Testing=20 >> & QA >> Security * Process Improvement & Measurement * http://www.sqe.com/bsce= 5sf >> _______________________________________________ >> Devil-linux-develop mailing list >> Dev...@li... >> https://lists.sourceforge.net/lists/listinfo/devil-linux-develop >> >=20 >=20 >=20 >=20 > Terveisin/With kind regards/Med h=E4lsningar/Lugupidamisega, >=20 > Kari Mattsson > Trivore Corp. >=20 >=20 > ------------------------------------------------------- > SF.Net email is Sponsored by the Better Software Conference & EXPO > September 19-22, 2005 * San Francisco, CA * Development Lifecycle Pract= ices > Agile & Plan-Driven Development * Managing Projects & Teams * Testing &= QA > Security * Process Improvement & Measurement * http://www.sqe.com/bsce5= sf > _______________________________________________ > Devil-linux-develop mailing list > Dev...@li... > https://lists.sourceforge.net/lists/listinfo/devil-linux-develop >=20 Terveisin/With kind regards/Med h=E4lsningar/Lugupidamisega, Kari Mattsson Trivore Corp. |