Em 02-10-2015 16:45, Predrag Punosevac escreveu: > 1. strip as much as possible unwanted ads, banners, pop-ups, and > similar junk
There are tons of info regarding this. You're on the right direction thinking of Squid, Dansguardian, etc. There is one recent addon from EFF called Privacy Badger that deserve some mentioning. Instead of using lists, it inspects the tracker behaviuor and blocks them if they are bad. So, an addon has it's uses. > > 2. Scan http and possibly https for viruses (thereby protecting kids > devices as much as I can). You can possibly use realayd as a MITM intercepting proxy for TLS. See: http://www.reykfloeter.com/post/41814177050/relayd-ssl-interception http://www.openbsd.org/papers/relayd-asiabsdcon2013.pdf I think there was something in squid also, in that regard. But, keep in mind that you'll need to install and maintain your CA certs on all your devices(with varied degrees of success making all of them work), and you'll probably need to prevent any other new device from using the same network as yours. Also, I don't think that the sites using pinned certs will work. I know chrome does allow usage of custom CA's, and firefox has an option also. But that is not true for every browser (or lib that some app might be using). To complicate things further, there is HPKP. You can also use pflow(4) with nfsen for detecting odd behaviour in your network, and try to catch anything that might have passed. Cheers, Giancarlo Razzolini
