I've been using HAVP with libclamav for years now, and have liked it. Now, of course, the prevalence of HTTPS limits the utility of something like HAVP. (I sometimes wonder what the *net* improvement in security is when HTTPS is used, given that one is now almost totally dependent on how secure the Web server is.)
P.S. What I would really like to see is for browsers to have hooks to attach a plugin virus scanner like HAVP or clamd for scanning of the *decrypted* content. (Centralized MITM scanning invalidates some security and privacy principles, in my opinion.) On Wed, 1 Apr 2020 20:38:41 +0300 Henrik K <h...@hege.li> wrote: > On Wed, Apr 01, 2020 at 04:36:15PM +0100, G.W. Haywood via > clamav-users wrote: > > Hi there, > > > > On Wed, 1 Apr 2020, Andrea Venturoli via clamav-users wrote: > > > > >I'm trying the combination Squid + C-ICAP + SquidClamAV + ClamAV, > > >and I'm seeing terrible performance. > > >... > > >Perhaps someone here is using the same thing or knows how to better > > >tweak the engine. > > > > I'm not surprised that the performance is terrible. :/ > > > > To me it sounds like this will not be a quick tweak but a project, > > and a lot of work, but it might prove to be a valuable contribution > > to the security of a large number of users. > > There's nothing new about HTTP scanning even with ClamAV. I > co-maintained HAVP scanner (havp.org / havp.hege.li) for years, it > had a very clever method and worked fine. But pretty much all > websites are SSL encrypted these days, so there's nothing to scan > unless you do nasty man-in-the-middle decryption. Everyone has virus > scanners on their PC, browsers have all sorts of proctection etc. > The days of proxy scanning are long gone, it's just categorizing and > blacklisting urls these days.. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
