El viernes, 16 julio del 2004 a las 02:34:28, Adam Aube escribió:
> Luis Miguel wrote:
>
> > El viernes, 16 julio del 2004 a las 12:06:07, Scott Phalen escribió:
> >>> We need a way to filter based on the whole MIME replied header or on
> >>> select mime fields (filename) to cath this downloads.
>
> >> I created an ACL to block by keyword, e.g. "dialerexe". This will block
> >> any URL that contains that word in the URL string. IF a user attempts to
> >> reach a legitimate site with that in the URL I add the site to a "safe
> >> url list" file and put that ahead of my keywords ACL.
> >> I used this site to get a list of the known dialers/spyware keywords:
> >> http://www.spywareguide.com/product_list_full.php
>
> > This is not a valid solution, you cant play Cat&Mouse all the time.
>
> You would have the same problem blocking by file name.
>
If you could do regex based on the MIME filename field or the whole mime replied header, then you can filter something like "filename=.*\.exe" stopping all .exe downloads, but you cant.
> You have the MIME type from the logs you showed us
> (application/octet-stream) - just block that using rep_mime_type and
> http_reply_access except for certain whitelisted sites.
>
If you block all "application/octet-stream", you destroy the users webs acces blocking all kind of files, for example many swf (flash) and css files are download as "application/octet-stream".
Received on Fri Jul 16 2004 - 13:18:06 MDT
This archive was generated by hypermail pre-2.1.9 : Sun Aug 01 2004 - 12:00:02 MDT