Features:
Forwards only allowed, harmless content
Filtering of HTTP and HTML
Using POSIX threads
Written in plain C
Generic configuration
Extensive audit possible

Documentation:
Short description of the filtering principles
Same description in German
Our paper for "7. DFN-Cert Workshop: Sicherheit in vernetzten Systemen" (7th Workshop on Network Security). Yes, German only.
The README from the distribution
... more to come

Project:
Our project page hosted by sourceforge. Access to the actual developer CVS tree, mailing lists, bugtracking lists etc.

Download:
Actual Source: Release 1-0-5 as .tar.gz file.
Old releases:
The sources of release 1.0.4 as .tar.gz file.
The sources of release 1.0.3 as .tar.gz file.
The sources of release 1.0.2 as .tar.gz file.
If you trust it: A linux binary (Intel, compiled on SuSE 6.3).
If you trust it: A solaris binary (for sparc).
If you trust it: A solaris binary (for intel).

Links:
A very rich (but less secure) webfilter: muffin.
A security project at the Stanford University to modify Java Bytecode for security reasons.
The DFN (German research network) Firewall Laboratory (DFN-FWL). They financed our work.
Other filters not especially designed for security, but to eat cookies, banners etc.: JunkBusters, WebFilter.
A very good introduction to WWW security problems: The web security FAQ from W3C.

Olaf Gellert: gellert@arasca.de
Gregor Goldbach: 7goldbac@informatik.uni-hamburg.de

Last changed: 22.08.2002.

Features:	Forwards only allowed, harmless content Filtering of HTTP and HTML Using POSIX threads Written in plain C Generic configuration Extensive audit possible
Documentation:	Short description of the filtering principles Same description in German Our paper for "7. DFN-Cert Workshop: Sicherheit in vernetzten Systemen" (7th Workshop on Network Security). Yes, German only. The README from the distribution ... more to come
Project:	Our project page hosted by sourceforge. Access to the actual developer CVS tree, mailing lists, bugtracking lists etc.
Download:	Actual Source: Release 1-0-5 as .tar.gz file. Old releases: The sources of release 1.0.4 as .tar.gz file. The sources of release 1.0.3 as .tar.gz file. The sources of release 1.0.2 as .tar.gz file. If you trust it: A linux binary (Intel, compiled on SuSE 6.3). If you trust it: A solaris binary (for sparc). If you trust it: A solaris binary (for intel).
Links:	A very rich (but less secure) webfilter: muffin. A security project at the Stanford University to modify Java Bytecode for security reasons. The DFN (German research network) Firewall Laboratory (DFN-FWL). They financed our work. Other filters not especially designed for security, but to eat cookies, banners etc.: JunkBusters, WebFilter. A very good introduction to WWW security problems: The web security FAQ from W3C.