On Sat, Jun 12, 2010 at 10:07:51AM +0300, Henrik K wrote:
> On Fri, Jun 11, 2010 at 11:47:38AM -0700, Kurt Buff wrote:
> > 2010/6/11 Henrik Nordström <henrik_at_henriknordstrom.net>:
> > > fre 2010-06-11 klockan 11:02 -0700 skrev Kurt Buff:
> > >> All,
> > >>
> > >> I've been biggling around teh interwebs, and crusing through the faqs
> > >> and manuals, and don't see how to block this protocol.
> > >
> > > Not much Squid can do about this. It's a local exploit on the Windows
> > > workstation when the browser, email program or whatever that processes
> > > URLs in any context sees specially crafted hcp:// URLs.
> > >
> > > Regards
> > > Henrik
> >
> > I was hoping that squid could detect the urls in web pages and either
> > block the entire page or elide that url.
>
> That's the job of DansGuardian, Privoxy, ClamAV or any other tool including
> ICAP ones that is able to process and block body contents.
>
> As I understood, once you click the hcp:// it's already too late. It doesn't
> matter if you deny the request in Squid.
Forget that last sentence, it's obvious hcp:// requests would never even get
to Squid since it's not http..
Anyway, good luck blocking it once it's obfuscated by javascript etc. ;)
Received on Sat Jun 12 2010 - 07:33:35 MDT
This archive was generated by hypermail 2.2.0 : Mon Jun 14 2010 - 12:00:03 MDT