About Virus Filtering Module
Hi there, I'm working on my graduate paper which is on enabling AAA in Linux box using the netfilter framework. So I'm very interested in Zorp's virus filtering. As I'm taking a look at the patch tree (which is from the official unofficial site), I'm wondering if I can write my own virus filtering module. Did any of you guys tried to do this before? I am curious in the performance when we 'trickle' the application protocols. -- Best regards, Zihui
On Mon, 2005-11-14 at 13:34 +0800, Lin, Zihui wrote:
Hi there,
I'm working on my graduate paper which is on enabling AAA in Linux box using the netfilter framework. So I'm very interested in Zorp's virus filtering. As I'm taking a look at the patch tree (which is from the official unofficial site), I'm wondering if I can write my own virus filtering module. Did any of you guys tried to do this before? I am curious in the performance when we 'trickle' the application protocols.
Yes, we tried. The commercial version of Zorp includes a virus scanning proxy, and the upcoming 3.1 version also contains a separate virus scanning framework. We also use data trickling, however we do not trickle the application protocol itself, only the data part. I think trickling the application layer protocol part of the stream would confuse the client or server. -- Bazsi
participants (2)
-
Balazs Scheidler
-
Lin, Zihui