I know ipfiltering with iptables is no problem, but after doing some research, I've seen no definate answer that this can be done with software that's currently out there under the GNU license. I'd like to build a filtering router for my local network of M$ machines so that I won't have to deal or worry with adware. I'd love for it to block all jscript, activex, cookies, ads, and worms/trojans with live filtering. Anyone got any ideas. Btw, I am a newb to linux so don't hurt me too much

We have been very successful in reducing the adware, advertisements, and other such filth our users see on the web. While I do maintain some ipfiltering with my iptables firewalls, Squid and it's wonderful cousin SquidGuard have really made the difference.

Here is how it works:

Most of the major spyware apps that you see on a corporate LAN originate on a handful of domains. The same is true for most advertisements, pop-ups and embedded. Once you figure out where they originate, blocking becomes easier.

Set up Squid to proxy the web for your network.
Set up SquidGuard (keep those blacklists current)
Create a custom blacklist (domains file and url file) and store them with the default ones.
Set up Saint and/or Sarg to monitor Squid usage.

Each time you find spyware on a pc, check sarg to see where the machine was going on the web. You should see connections to the same servers over and over again (Ad fetching and updating and telling the scum who wrote it where you surf). If you are not sure of a url, try it in a browser, they normally will display an error.

After a few weeks you will have a pile of urls used by the scumware which you simply add to your custom url file discussed above.

Once you get comfortable blocking spyware, create another custom file for ad-servers like doubleclick and the like.

While the above wont stop spyware from installing itself, or being installed, it will prevent them from downloading pop-up ads and other scumware.

I know about Sarg, but what is Saint? I tried to google on that.
Beside having to do acrobatic queries to avoid christian saints, most of the pages in the result did not have the world saint in them! (google bug or what?). That was quite irritating.

Bottom line is I did not find any saint. So I thought, maybe you did a spelling mistake?

i've heard of this saint, but i'm not sure if it's the one you're talking about:

http://www.saintcorporation.com/prod...nt_engine.html

Tanks for the link. I took a look at this saint ("Security Administrator's Integrated Network Tool"), read some of the website articles and carefully examined their online demo, yet I could not find anything related to squid.

sounds like this is what you are looking for: http://www.privoxy.org/

or maybe a simple squid plugin will satisfy your needs: http://adzapper.sourceforge.net

as for the worms/trojans, you could try this plugin: http://viralator.sourceforge.net/

you could make it work with the clamav scanner: http://www.clamav.net

there's also virus-scanning plugins for dansguardian, for example:

http://www.pcxperience.org/dgvirus/

http://www.harvest.com.br/asp/afn/dg.nsf

just my ...

yeah, me neither... but it's the only saint i'd ever heard of...