Re: [squid-users] Re: block spyware with squid

From: Leonardo Rodrigues Magalhães <leolistas@dont-contact.us>
Date: Thu, 25 Oct 2007 16:11:38 -0200

    Once i tried that and had LOTS of false-positives with Windows CGI
based applications, just like:

http://www.something.com/myscript.exe?value=blabla ....

    myscript.exe is not a downloadable file, it's a script that will be
executed and return HTML code to the browser.

    And there's all those URLs that will reply with a executable
download but has no .exe on the URL ...

    It's a simple idea, but not as easy to implement as it seems.

Thomas Raef escreveu:
> Why not block all executables except from a list of whitelisted sites?
>
> Allow windowsupdates.com, Microsoft.com, adobe.com,...
>
> That negates the need for signature based detection.
>

-- 
	Atenciosamente / Sincerily,
	Leonardo Rodrigues
	Solutti Tecnologia
	http://www.solutti.com.br
	Minha armadilha de SPAM, NÃO mandem email
	gertrudes@solutti.com.br
	My SPAMTRAP, do not email it

Received on Thu Oct 25 2007 - 12:11:54 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Nov 01 2007 - 13:00:02 MDT