filter msn access

[tecknojunky]

I know you can connect to MSN through a SOCKS proxy (what is it).

I was wondering if it was possible to filter MSN traffic to shake out malware. I'd mostly like to be able to run a virusscan of files that would be transferd, stuff like that.

How should I go about? I have a squid proxy for http caching, is it good enough?
_________________
(7 of 9) Installing star-trek/species-8.4.7.2::talax.

[BlackB1rd]

Force your msn to use a proxy server (squid as you mentioned is already running, so this should be easy). Then, install something like dansguardian with virus support. This way all msn traffic (since it will pass though the proxy) get scanned for virusses. Though, i'm not sure if direct file-transfer can work this way.

I am currently using the hard masked dansguardian-dgav package, which should work fine for you (it's hard masked because of bug #89948) . But i only use it for browsing, not msn. So again, this might work but i don't know much about the way msn handles it's traffic.

[tecknojunky]

I also have f-prot on the server for mail virii scanning, I don't know if I can integrate that instead. I'm not sure I want/can to scan for file transfers. I think it has its own protocol since some negociations takes place directly between the two boxes. You kind of realize that when you try to transfer stuff between two NATed machines. It does not work because one client send a NAT IP address, and the other can't route packets to that on the public network. So I don't think it's possible to scan files transfer upstream on a proxy, unless it is the proxxy that negociate and receive the file transfer, and I don't think squid does that, but maybe others do?

I'm ot using Windows anymore myself, but some users inside the lan do, and some trojan made is way thrue MSN. So I was brain storming ideas to see if I can prevent that in any way.

Thanks for the tip. I will check out dansguardian.
_________________
(7 of 9) Installing star-trek/species-8.4.7.2::talax.