Why not block all executables except from a list of whitelisted sites? Allow windowsupdates.com, Microsoft.com, adobe.com,... That negates the need for signature based detection. Thomas J. Raef e-Based Security, LLC www.ebasedsecurity.com 1-866-838-6108 "You're either hardened, or you're hacked!" > -----Original Message----- > From: Indunil Jayasooriya [mailto:indunil75@xxxxxxxxx] > Sent: Wednesday, October 24, 2007 1:34 AM > To: squid-users > Subject: Re: block spyware with squid > > Hi, > > I want to block spyware while users browse internet. Are there any > ACLs to block this ? > > Have you done this before? > > -- > Thank you > Indunil Jayasooriya
