From owner-freebsd-questions@FreeBSD.ORG Fri Nov 12 19:22:49 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AD7AE16A4CE for ; Fri, 12 Nov 2004 19:22:49 +0000 (GMT) Received: from imo-m23.mx.aol.com (imo-m23.mx.aol.com [64.12.137.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4617F43D48 for ; Fri, 12 Nov 2004 19:22:49 +0000 (GMT) (envelope-from TM4526@aol.com) Received: from TM4526@aol.com by imo-m23.mx.aol.com (mail_out_v37_r3.8.) id b.1a7.2adb9674 (2519); Fri, 12 Nov 2004 14:22:42 -0500 (EST) From: TM4526@aol.com Message-ID: <1a7.2adb9674.2ec66782@aol.com> Date: Fri, 12 Nov 2004 14:22:42 EST To: bsilver@chrononomicon.com MIME-Version: 1.0 X-Mailer: 9.0 for Windows sub 5114 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.1 cc: questions@freebsd.org Subject: Re: Squid+Privoxy or Snort? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Nov 2004 19:22:49 -0000 In a message dated 11/12/04 1:22:56 PM Eastern Standard Time, bsilver@chrononomicon.com writes: > The issue with proxies is that they are a drag on your network; using > squid as a firewall only isnt very smart. If you are already using it > fine. But on a large network you are better off using a firewall or > some > sort of bandwidth management like the stuff on etinc.com. >I thought his issue was more on finding internal systems having >problems and blocking the specific sites from getting hit. > >The proxy should speed up access if the same sites are being hit, as The "proxy" doesn't "speed access", the cache does. So using squidguard without squid enabled, or privoxy or SNORT which are not caches, is what I was referring to. proxy != Cache which is I think is your confusion.