At a prior firm, I know that Squid was used to filter web content in some ways to protect against MSIE vulnerabilities. Probably against some URL strings which were known to exploit buffer overflows or other vulnerabilities, but I'm not sure of the specifics.
Is anyone familiar with such tactics and/or know of pages where such
techniques are described?
My current configuration is:
- WinXP clients on WiFi net.
- Linux gateway.
- Transparent iptables proxy redirect to dansguardian => squid => WWW
for all clients.
I'm also wondering if it's possible to plug clamav into the circuit as
well, and/or if this is worthwhile.
There's also content filtering provided (via dansguardian, which is
pretty much plug'n'play), and I'll be blocking against known problematic
IP and domain ranges.
Peace.
--
Karsten M. Self <[EMAIL PROTECTED]> http://kmself.home.netcom.com/
What Part of "Gestalt" don't you understand?
Save Bob Edwards! http://www.savebobedwards.com/
signature.asc
Description: Digital signature
