Web Filter 'Malicious' versus 'Spyware' rules?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Web Filter 'Malicious' versus 'Spyware' rules?

Gnomad
The Ads and Malicious categories under Services > Web Filter > Basic Settings get handled completed differently to the remainder of the categories.  These first two have a bunch of different rules and download URLs, whereas the others are all unpacked from http://www.shallalist.de/Downloads/shallalist.tar.gz 

Presumably then, the Spyware rules from shallalist probably overlap a lot of the Malicious ones - has anyone done any sort of analysis to confirm?

I've had some problems with snort blocking all traffic once I enable Spyware blocking, so I'm wondering if I'm seeing duplicates or hitting some rule limits..
Router 1.51 SP1, fw_upgrade v8.3.6
Reply | Threaded
Open this post in threaded view
|

Re: Web Filter 'Malicious' versus 'Spyware' rules?

user8446
Administrator
Wish I could help but I'm doing my content filtering through OpenDNS and using the shield for IPS. I remember trying it out early on and DNS was super slow with the shield.
Running in bridge mode, 1.51 SP1 fw