AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
C icap8/18/2023 The basis of this proxy server is Ubuntu 12.10 LTS. ![]() So in this post I will document how to setup a content-scanning proxy based on Squid 3.1, c-icap version 1, the Squidclamav module and the Clamav anti-virus scanner. In this case, open-source as in free to use in commercial settings. ![]() So I decided to create a content-scanning proxy based on available open-source software. ![]() There are man-in-the-midle solutions that do allow you to inspect SSL traffic, but there are some limitations and this is outside the scope of this post.Īs I believe that most malware is still being served through unencrypted HTTP sites, a content-scanning proxy does create an extra layer of defence. So if a blackhat is smart and serves all malware through HTTPS, a content scanning proxy will not stop that malware. Any data requested through an SSL-connection ( cannot be scanned, precisely because it is encrypted. Basically, the proxy server is virusscanning all network traffic.īut there is a severe limitation. This may prevent numerous infections of company computers. It blocks all content presumed to be infected. A content scanning proxy checks all data for malware. So every layer will increase the time and effort to compromise your environment.Ī content-scanning proxy server may provide you with one of these defensive layers. ![]() Every layer presenting a different set of challenges, requiring different skill sets and technology. Security is all about a defence-in-depth strategy.
0 Comments
Read More
Leave a Reply. |