Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense - on access virus scanner

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 4 Posters 4.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      chennaichris
      last edited by

      Hello

      Here is my present situation.

      There are 15 computers networked. The other 14 computers connect to the internet via a gateway computer

      computer15.

      Computer15 is running windows XP and it is running a proxy server also. So all 14 computers in LAN access computer15 to connect the internet.

      Why ?

      Because I have installed an excellent antivirus product in computer15 and I do not want to buy any more licenses of that antivirus So what computer15's antivirus does is, it processes all emails, webpages, files that are being downloaded to the other LAN computers..So since computer15 is the gateway and the proxy, it can scan all files that are downloaded "through" it and

      ALL the other 14 computers are AUTOMATICALLY PROTECTED.

      But windows xp has its own share of problems and it is becoming slower and slower to access the internet since I read somewhere that an windows XP computer can serve a maximum of 10 network connections at a time.

      =====================================

      I want to use PFSENSE for the gateway computer alone. All the other 14 computers will still use windows XP

      Can anyone please tell me

      1. So can I use all my individual existing applications like SSH, ftp, yahoo messenger, msn, mysql-front, windows remote admin etc as it is on the windows computers or should they need to be configured differently ?

      2. Here comes the main reason for my question I assume clamav can be installed with pfsense but what do I do or how to configure it such a way that each and every file or email or website that goes through the  pfsense proxy server gets scanned automatically ?

      This is important since none of the other 14 computers running windows xp will have any kind of antivirus installed . THEY all will depend on this PFSENSE gateway computer for their dear LIFE !!

      Chris

      1 Reply Last reply Reply Quote 0
      • P
        Perry
        last edited by

        I think http://www.untangle.com/ will be a better fit.

        /Perry
        doc.pfsense.org

        1 Reply Last reply Reply Quote 0
        • Cry HavokC
          Cry Havok
          last edited by

          Unless your proxy understands every IM client (and those IM clients aren't just using HTTPS CONNECT, making the content invisible) and you've banned all HTTPS pages (see previous comment) you're still vulnerable.  Heck, all it takes is a password protected ZIP file with malware inside, or just a piece of malware (maybe on a web page) that the AV on your proxy doesn't recognise.

          You should install suitable protection on every machine on the network.  There are a number of free (for non-commercial use) AV products out there if you're short of money.  Don't forget to cover the spyware front too, something very few AV products catch yet (because it's better business sense to sell 2 products).

          1 Reply Last reply Reply Quote 0
          • E
            eri--
            last edited by

            There are ways to do such configs not from the pfsense gui!

            Search google if you want to do such a config but it just provides basic security and not a real protection.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.