Hi there, i'm looking for some kind of http-content-filter to avoid having malicious jscript/activex-stuff delivered to local clients browsing the web. Does anyone know an appropiate open source solution? Kind regards, Denis Hoffmann
On Wed, 11 Dec 2002 dhoffmann@obg-bau.de wrote:
i'm looking for some kind of http-content-filter to avoid having malicious jscript/activex-stuff delivered to local clients browsing the web. Does anyone know an appropiate open source solution?
Hum, i.e. httpf (http://httpf.sf.net) or squid-icap-client (http://icap-server.sf.net/squid.html) + an ICAP-server, which has filitering capabilities. HTH best regards, Rainer Link (SuSE Labs) -- Rainer Link | SuSE Linux AG - The Linux Experts link@suse.de | Developer of A Mail Virus Scanner (www.amavis.org) www.suse.de | Founder OpenAntiVirus Project (www.openantivirus.org)
On 12/11/2002 08:38 PM, dhoffmann@obg-bau.de wrote:
i'm looking for some kind of http-content-filter to avoid having malicious jscript/activex-stuff delivered to local clients browsing the web. Does anyone know an appropiate open source solution?
Check out http://www.dansguardian.org -- Joe Morris New Tribes Mission Email Address: Joe_Morris@ntm.org Web Address: http://www.mydestiny.net/~joe_morris Registered Linux user 231871 God said, I AM that I AM. I say, by the grace of God, I am what I am.
El mié, 11-12-2002 a las 09:38, dhoffmann@obg-bau.de escribió:
i'm looking for some kind of http-content-filter to avoid having malicious jscript/activex-stuff delivered to local clients browsing the web. Does anyone know an appropiate open source solution?
Check wwwoffle and smart cache. Both are good/small proxy servers (scache is a java application, but is good anyway) that have some smart features in filtering/modifying fetched pages that can be useful (not sure if exactly what you want, but those are the first I would check). Saludos Gustavo
Hi there,
i'm looking for some kind of http-content-filter to avoid having malicious jscript/activex-stuff delivered to local clients browsing the web. Does anyone know an appropiate open source solution?
Try dansguardian @ http://www.dansguardian.org/. Look for http://blacklist.dansguardian.org/ to get latest blacklists of banned servers. Edit /etc/dansguardian/bannedextensionlist to ban scripts with common extensions. To let the admin make Updates for Software allow access from internal to unfiltered proxy and filtered proxy (common 3128/8080). To ban mimetypes edit /etc/dansguardian/bannedmimetypelist. The /etc/dansguardian/bannedphraselist is no good solution, because even links to shit.gif filter the whole page, if the word shit is banned. Decide to block content (on fqdn/hostname basis) with the blackist and/or only extension blocking. Here you have the option to block content with /etc/dansguardian/bannedsitelist (e.g. block porn, games, chat for workers). For that purpose you need to download the blacklist (see above). I tested multiple filters and found out dansguardian is the fastest solution for me and maybe others, too. Philippe Fast solution: /etc/dansguardian/
Hello List, * dhoffmann@obg-bau.de wrote on Dec/11/2002:
Hi there,
i'm looking for some kind of http-content-filter to avoid having malicious jscript/activex-stuff delivered to local clients browsing the web. Does anyone know an appropiate open source solution?
You could check out privoxy as well - they have improved the good old Internet JunkBuster (so you can filter much more than what you're looking for now and much more flexibly) and they even have SuSE rpms. http://www.privoxy.org/ HTH, Andreas -- Just because you're paranoid, that doesn't mean they're not after you. -- My Public PGP Keys: 1024 Bit DH/DSS: 0x869F81BA 768 Bit RSA: 0x1AD97BA5
On Wed, 11 Dec 2002 dhoffmann@obg-bau.de wrote:
i'm looking for some kind of http-content-filter to avoid having malicious jscript/activex-stuff delivered to local clients browsing the web. Does anyone know an appropiate open source solution?
sounds like you're looking for "Web Application Shield" or "Adaptive Proxy". The only free tool I know is Web Scarab at http://www.owasp.org/ but it's far away from being productive :-( Simple attempts with malicious code can be blocked with squid or some anti- virus or web-washer tools (JunkBuster already mentioned). Are you also looking for commercial, server-side, tools? Achim
participants (7)
-
Achim Hoffmann -
Andreas Wagner -
dhoffmann@obg-bau.de -
Gustavo Muslera -
Joe Morris (NTM) -
Philippe Vogel -
Rainer Link