Web filtering (Proxy or DNS) with option for users to ignore the block
Posted
by Jon Rhoades
on Server Fault
See other posts from Server Fault
or by Jon Rhoades
Published on 2010-03-15T12:24:09Z
Indexed on
2010/03/15
12:29 UTC
Read the original article
Hit count: 407
We are struggling with our users visiting infected or "attack" sites and Phising in general. Most of our machines are protected by an Enterprise anti virus and monitoring solution (McAffe ePO) and we try to get people to use Firefox... But no AV is perfect and we have to endure personal machines as well (albeit on their own 'Plague' VLANs) and would like to do something about Phishing as our users seem intent on disclosing their passwords to the world...
To complicate matters we don't want to implement a block for many many reasons instead we would like to implement something akin to Firefox's "Reported Scam/Phish/Attack Site" - "Get me out of here" or crucially "Let me in anyway", giving the user a choice to still infect themselves if they feel like it (or look at a site incorrectly blacklisted).
The reason we can't just use Firefox is we have a core enterprise App only certified on IE6&7 - thank you Oracle.
Is it possible to implement this type of advisory filtering either using a proxy (in our case Squid) or DNS?
http://serverfault.com/questions/15801/what-free-options-are-available-for-web-content-filtering http://serverfault.com/questions/47520/open-source-filtering-of-https-traffic
Were a good start, but they don't address the advisory aspect of the filtering.
© Server Fault or respective owner