[Privoxy-users] Would Privoxy benefit from AVscan/Malware protection?
Haroon
haroon at shawwal.duckdns.org
Sat Jul 22 12:56:41 UTC 2017
In my configuration Squid comes before Privoxy, which I assumed was the
preferred way of chaining them.
On Sat, 22 Jul 2017, Beeblebrox wrote:
>
> How should Privoxy be used in conjunction with AVscan/Malware Detectors? Am I wrong in assuming that a scanner placed in front of Privoxy would help protecting (not considering the SOCKS tunnel here) Privoxy its self?
>
> As the simplest example, let's take clamav: Can a modified c-icap handoff for squidclamav be used in Privoxy, thereby dismissing the need for squid to do this task? Using squid, the chain is:
> Internet -> Privoxy -> squid/scan-engine
> So traffic is not scanned before reaching the Privoxy jail, but not sure if that exposes any vulnerability. If c-icap could be used, would it add security to Privoxy?
>
> If another consideration is to use IDS/IPS tools, how should the traffic chain be? I assume: Internet -> IPS -> Privoxy
>
> Of course for SOCKS, the scan would have to take place behind Privoxy no confusion there.
>
> P.S. Thanks a lot Fabian & Nick for the pointers in the other thread user-agent based forwarding - much appreciated.
>
> Regards.
>
> --
> HardenedBSD_amd64_12-Current_RadeonKMS
> Please CC my email when responding, mail from list is not delivered.
> _______________________________________________
> Privoxy-users mailing list
> Privoxy-users at lists.privoxy.org
> https://lists.privoxy.org/mailman/listinfo/privoxy-users
>
More information about the Privoxy-users
mailing list