From owner-freebsd-security  Thu Apr  5 23:59:35 2001
Delivered-To: freebsd-security@freebsd.org
Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220])
	by hub.freebsd.org (Postfix) with ESMTP id B215C37B446
	for <freebsd-security@freebsd.org>; Thu,  5 Apr 2001 23:59:28 -0700 (PDT)
	(envelope-from wes@softweyr.com)
Received: from [127.0.0.1] (helo=softweyr.com ident=f0398585d9e4c4b629560f1981ddfb83)
	by homer.softweyr.com with esmtp (Exim 3.16 #1)
	id 14lQBu-0000Ii-00; Fri, 06 Apr 2001 00:57:54 -0600
Message-ID: <3ACD68F2.E0604EF1@softweyr.com>
Date: Fri, 06 Apr 2001 00:57:54 -0600
From: Wes Peters <wes@softweyr.com>
Organization: Softweyr LLC
X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
Cc: Olivier Nicole <on@cs.ait.ac.th>, uknowho@n0mansland.net,
	freebsd-security@FreeBSD.ORG
Subject: Re: Filtering inappropriate content
References: <200103280604.f2S648R14405@cwsys.cwsent.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Cy Schubert - ITSD Open Systems Group wrote:
> 
> In message <200103280405.LAA16283@banyan.cs.ait.ac.th>, Olivier Nicole
> writes:
> > >The organization is looking to filter web content only.  Apolgies for
> > >the confusion.
> >
> > Squid has some rules to do contents filtering I guess.
> 
> I tried it.  Squid is not all that effective.  For example, matching
> expressions can be found in perfectly legitimate URL's, e.g. a sun.com
> web page has the character string "sex" in it (I think it was a Virtual
> Adrien component called RICHPsex), so my filter blocked it.  I'm sure
> that operators of web sites that you want to block could name their
> files and directories with non-offending names, bypassing your filter.
> A squid filter may not have the desired effect.
> 
> The only solution I can think of that works is to subscribe to a
> service that maintains a database of offending sites.

Real-time analysis is much more effective.  Visit the RuleSpace site for
information on a commercial SDK that can do this on FreeBSD.  

	http://www.rulespace.com/contexion/products/eatk/

-- 
            "Where am I, and what am I doing in this handbasket?"

Wes Peters                                                         Softweyr LLC
wes@softweyr.com                                           http://softweyr.com/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message