> > hello gurus, > > > > Is it possible to stop spyware entering in to the > > network with help of squid. > > > > Basically not because SQUID , only deals with the http transport > layer. You can use , a virus scanning box ; in as a parent for > your SQUID sever. > > Use adequate anti virus protection on every PC; which has > access to the Internet , proxy-based or not. > > The term virus is ment in a broadened meaning here; i.e. modern > anti-virus sellers include spyware blocking too into there product(s). > > M. I do agree with Mark, in terms of using adequate malware protection (malware was the term decided upon to include any software that's malicious: spyware, adware, grayware, viruses, trojans, etc) primarily for this problem. However, proxying the network's traffic is an excellent way to "control" things. There are quite a few blacklist databases out there which you can plug into squid. I personally use SquidGuard to do it. The few occasions at which our proxy server is down, the users notice it because malware manages to affect their machines. Unfortunately I don't feel like the databases are updated often enough. This is mainly because malware is an exponential problem and it's incredibly hard to keep up with. I'm putting a project team together to specifically set up a database which manages malware sources more efficiently. Currently, the database will be built for squidguard, because I like the simplicity of SquidGuard. I've heard DansGuardian is "better" because it's more feature-rich. Additionally, you can check out http://www.squid-cache.org/related-software.html There's all kinds of options out there. On a side-note, if anyone is interesting in working on my source database, please let me know off-list. Regards, Tim Rainier
