PfSense, Squid running ClamAV stopped a virus again WOW great work
-
Check it out
-
ClamAV found something suspect in a "http" stream.
That's "easy" en very feasible a decade or so ago.The device "192.168.1.5" was really visiting a http site ? Is 192.168.1.5 a PC ? Phone ? xbox ?
Or a https site that includes contaminated javascripts from other sites, using "http" so the browser would have yelled already.Most, if not all sites, are https these days. I would say 'bravo' when Squid+ClamAV finds something in TLS streams. That's much harder to do.
-
@gertjan ClamAV uses Icap with squid is it possible for it to do that? Icap is http. It has caught a virus on the streamer once also however. My browser itself did not catch the issue this time all ClamAV with this one. This was a iMac running desktop version M1 2021. This was me looking for math help.
