I don't think you'd be able to get this working on a packet level as you'll need to assemble all the packets for a specific transfer then scan then - otherwise you'll never find any suspect data. You might be able to run some sort of proxy to scan all incomming http data with specific MIME types but I assume this is a challenge to setup (if at all possible) as I've never seen it done; hence people roll out anti-virus software on the desktop. I know you can get apps to scan incomming mail attachments if you have your own mail relay, mimesweeper being one, but I don't know if there is a linux version.
cheers
Jamie...
|