tis 2009-09-15 klockan 15:49 +0100 skrev Nigel: > The four http linked Eicar files at > http://www.eicar.org/anti_virus_test_file.htm are all intercepted when > using IE. However Firefox only intercepts the two 'zip' files. the com > and txt file can be accessed. Could it be the case that these were already in your Firefox local cache? > In addition, both IE & Firefox allow access to the https linked files. Quite natural as https is encrypted and all the proxy sees in plain text is a request to connect to the hostname of the https url. You can use the sslbump feature of Squid-3.1 to break SSL encryption if your users agree to this. But not without seriously crippling https at the same time. But if your alternative to comply with regulations and policy is to otherwise completely block https access then this may be an option.. Regards Henrik
