DarkFoon wrote:
Is there anybody working on a package that does anti-vir scanning on incoming internet packets?
Well, I am trying to get it done. My approach is to get snort and snortsam working with pf first. Snortsam is a package that can add rules dynamically to variety of firewalls, including pf, based on alerts from snort. Right now there is a bug in pf2 plugin for snortsam that is stopping the show, I am trying to get it fixed. Next step would be to get the clamav plugin for snort working. All these 3 working together will scan all packets for virus and will terminate any connection that has virus.
But one thing you have to keep in mind is that such approaches are never going to be 100% perfect.
raj
