The filter is squid + clamAV + dansGuardian. On Saturday, October 13, 2012, sanga collins wrote:
> If I could run Linux desktop I would. some applications are windows only > with no viable alternative. Some govt services require IE7 and activeX. I > have zimbra email, zentyal pdcs, libre office with m$ icons ;) so we are > almost there ... > > On Saturday, October 13, 2012, [email protected]<javascript:_e({}, > 'cvml', '[email protected]');>wrote: > >> I can't really see how blocking non-HTTP traffic would reduce the amount >> of viral infections. Unless your caching proxy also does virus scanning >> in-stream, which is uncommon but not unheard of. >> >> Surely the most effective way to rid yourself of viruses would be to >> migrate to GNU/Linux? It's very hard for a user to run malware accidentally >> on such a system. It can even be made all but impossible if one hardens the >> environment, disables the executable bit on any partitions writable by the >> user, makes sure all binaries which are run SUID root are compiled to >> allocate memory in a non-predictable way to defuse any undiscovered buffer >> overflow flaws (can't remember the exact terms for it) and so on. >> >> I once, purely for academic reasons of course, threw together my own >> little browser add-on which sent a copy of all entered form data to my >> server for later perusal. It was a trivial thing to do, and that's quite >> troubling since a lot of things take place in the browser nowadays. Even a >> lowly privileged user has enough access to install add-ons in her own >> browser profile, and this is a problem area often overlooked by IT >> departments. >> >> sanga collins <[email protected]> wrote: >>> >>> Lol we don't block access for the IT dept. the aim is to prevent the >>> casual user from abusing systems provided for them to get work done. There >>> are many ways to get to face book. Mobile devices are the most common. I >>> leave that to the HR dept to sort out. >>> From an IT perspective our biggest problem is viruses and the time >>> wasted cleaning them. This has reduced infection rate per location to a >>> negligible number. >>> >>> >>> On Saturday, October 13, 2012, Peter C. Ndikuwera wrote: >>> >>>> Well, there are public https-proxies available. Or I could run a >>>> private external SSH server on port 443 (yes I know it's quite technical >>>> but I love me some facebook!). Do you check the _type_ of traffic? >>>> -- >>>> Evolution (n): A hypothetical process whereby infinitely improbable >>>> events occur with alarming frequency, order arises from chaos, and no one >>>> is given credit. >>>> >>>> >>>> >>> > > -- > Sanga M. Collins > Network Engineering > ~~~~~~~~~~~~~~~~~~~~~~~ > Google Voice: (954) 324-1365 > E- fax: (435) 578 7411 > -- Sanga M. Collins Network Engineering ~~~~~~~~~~~~~~~~~~~~~~~ Google Voice: (954) 324-1365 E- fax: (435) 578 7411
_______________________________________________ The Uganda Linux User Group: http://linux.or.ug Send messages to this mailing list by addressing e-mails to: [email protected] Mailing list archives: http://www.mail-archive.com/[email protected]/ Mailing list settings: http://kym.net/mailman/listinfo/lug To unsubscribe: http://kym.net/mailman/options/lug The Uganda LUG mailing list is generously hosted by INFOCOM: http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The mailing list host is not responsible for them in any way.
