I can't really see how blocking non-HTTP traffic would reduce the amount of viral infections. Unless your caching proxy also does virus scanning in-stream, which is uncommon but not unheard of.
Surely the most effective way to rid yourself of viruses would be to migrate to GNU/Linux? It's very hard for a user to run malware accidentally on such a system. It can even be made all but impossible if one hardens the environment, disables the executable bit on any partitions writable by the user, makes sure all binaries which are run SUID root are compiled to allocate memory in a non-predictable way to defuse any undiscovered buffer overflow flaws (can't remember the exact terms for it) and so on. I once, purely for academic reasons of course, threw together my own little browser add-on which sent a copy of all entered form data to my server for later perusal. It was a trivial thing to do, and that's quite troubling since a lot of things take place in the browser nowadays. Even a lowly privileged user has enough access to install add-ons in her own browser profile, and this is a problem area often overlooked by IT departments. sanga collins <[email protected]> wrote: >Lol we don't block access for the IT dept. the aim is to prevent the >casual >user from abusing systems provided for them to get work done. There are >many ways to get to face book. Mobile devices are the most common. I >leave >that to the HR dept to sort out. >From an IT perspective our biggest problem is viruses and the time >wasted >cleaning them. This has reduced infection rate per location to a >negligible >number. > > >On Saturday, October 13, 2012, Peter C. Ndikuwera wrote: > >> Well, there are public https-proxies available. Or I could run a >private >> external SSH server on port 443 (yes I know it's quite technical but >I love >> me some facebook!). Do you check the _type_ of traffic? >> -- >> Evolution (n): A hypothetical process whereby infinitely improbable >events >> occur with alarming frequency, order arises from chaos, and no one is >given >> credit. >> >> >> > >-- >Sanga M. Collins >Network Engineering >~~~~~~~~~~~~~~~~~~~~~~~ >Google Voice: (954) 324-1365 >E- fax: (435) 578 7411 > > >------------------------------------------------------------------------ > >_______________________________________________ >The Uganda Linux User Group: http://linux.or.ug > >Send messages to this mailing list by addressing e-mails to: >[email protected] >Mailing list archives: http://www.mail-archive.com/[email protected]/ >Mailing list settings: http://kym.net/mailman/listinfo/lug >To unsubscribe: http://kym.net/mailman/options/lug > >The Uganda LUG mailing list is generously hosted by INFOCOM: >http://www.infocom.co.ug/ > >The above comments and data are owned by whoever posted them (including >attachments if any). The mailing list host is not responsible for them >in any way.
_______________________________________________ The Uganda Linux User Group: http://linux.or.ug Send messages to this mailing list by addressing e-mails to: [email protected] Mailing list archives: http://www.mail-archive.com/[email protected]/ Mailing list settings: http://kym.net/mailman/listinfo/lug To unsubscribe: http://kym.net/mailman/options/lug The Uganda LUG mailing list is generously hosted by INFOCOM: http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The mailing list host is not responsible for them in any way.
