Using Squid to filter Internet access
The Internet Content Adaptation Protocol (ICAP) was designed for transparent web proxies to query an external service as to whether or not a request should be served. It is most commonly used for content filtering and anti-virus scanning.
This approach does have some challenges, though. For example, when using SquidClamav  to tie the ClamAV scanner into your Squid server, you might encounter timeouts on clients, because the entire file must be downloaded and scanned before it is served to the client; it cannot be scanned on the fly and served to the client using SquidClamav. So, although this approach will work well for smaller files, it may cause problems with larger files. The other downside of ICAP is that although a few ICAP servers are available, there are very few good content sources (e.g., malicious URLs) that you can feed into your ICAP service.
I have strong feelings (mostly pro) about unfiltered and unlimited Internet access, but I also recognize that blocking the bad stuff (spammers, ad servers, tracking cookies, etc.) will generally make for a less annoying and better Internet experience. Additionally, certain user communities (e.g., children) should not have unfiltered access, whereas other groups might need filtered access for legal reasons. As a final note, much like a firewall, having a web proxy can allow you to detect malicious incoming and outgoing traffic and block it, thus preventing problems from getting bigger.
- "Squid in the Middle" by Kurt Seifried, Linux Magazine, October 2012: http://www.linux-magazine.com/Issues/2012/143/HTTPS-Proxy
- Squid: http://www.squid-cache.org/
- Squid Config Examples: http://wiki.squid-cache.org/ConfigExamples
- SquidClamav: http://squidclamav.darold.net/
Buy this article as PDF
Weird data transfer technique avoids all standard security measures.
FIDO alliance declares the beginning of the end for old-style login authentication.
The Linux New Media Awards have honored the most significant products, projects, people, and organizations for open source/Linux every year since 2000.
Legendary Uber-distro splits over the systemd controversy.
New LTS version offers many refinements for the Cinnamon and Mate desktops and significant improvement under the hood.
One of CeBIT’s most successful forums returns in 2015.
A new study says it is possible to unmask 81% of TOR users.
Redmond joins the revolution by turning the .NET Core Runtime into a GitHub project.
Users only had 7 hours to update before the intrusions started.
It's official: The new web arrives