Netgate Discussion Forum

    PfSense, Squid running ClamAV stopped a virus again WOW great work

    • JonathanLee

      Check it out

      Screen Shot 2022-04-05 at 8.46.43 PM.png

      Make sure to upvote

      • Gertjan @JonathanLee

        @jonathanlee

        ClamAV found something suspect in a "http" stream.
        That's "easy" and very feasible a decade or so ago.

        The device "192.168.1.5" was really visiting an http site? Is 192.168.1.5 a PC? Phone? Xbox?
        Or an https site that includes contaminated JavaScript from other sites, using "http", so the browser would have yelled already.

        Most, if not all sites, are https these days. I would say 'bravo' when Squid+ClamAV finds something in TLS streams. That's much harder to do.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit: and where are the logs??

        • JonathanLee @Gertjan

          @gertjan ClamAV uses ICAP with Squid; is it possible for it to do that? ICAP is http. It has also caught a virus on the streamer once, however. My browser itself did not catch the issue this time; it was all ClamAV with this one. This was an iMac running desktop version M1 2021. This was me looking for math help.

          Screen Shot 2022-04-07 at 7.23.28 AM.png

          Make sure to upvote
