Defeating CGI-Proxies???
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Defeating CGI-Proxies???

  1. #1
    Senior Member treanglin's Avatar
    Join Date
    Dec 2003
    Posts
    110

    Post Defeating CGI-Proxies???

    Hey you guys. ( sighs) I'm stuck. For the past week I have been attempting to block this myspace website at work and I've run into problems. At one of the buildings I work at we are just using a Linksys router w/ no url blocking or ip blocking mechanisms. (I've updated the firmware and everything). So at that site I just used the built-in web page blocking feature of IE, and so far this has worked. At the second site, which uses firefox, we have a SonicWall router that has all sorts of wonderful features like firewall settings and content filtering...but, alas, the kids have finally figured out about cgi-proxy servers. Myspace.com has literally led to fights among individuals and gangs here in Rochester (and we already had enough fights w/o the website. Just today I had to leave the site mentioned above because 4 fights broke out in the building and the fire alarm was pulled 2wice) and so to crack down on kids being able to access the site (they will spend hours on the thing) we have been blocking it. But now that these kids keep finding differnt proxy servers to bypass our filters I'm trying to find out more about how these specific servers work and stunt their effectiveness. Is there anyone out there who knows how to break the effectiveness of these servers w/o having to add each one to our filter list?
    "Do you know why the system is slow?" they ask

    "It's probably something to do with..." I look up today's excuse ".. clock speed"
    -BOFH

  2. #2
    Senior Member br_fusion's Avatar
    Join Date
    Apr 2002
    Posts
    167
    At your borderline routers/firewalls, I would try filtering out any outbound proxy connections. Some common proxy ports are:
    81,8080,1080,3128,6588

    So this:
    Computer--->Firewall--->Proxy------>MySpace
    becomes:
    Computer------->Firewall
    Computer<-------Firewall

    Good luck
    The command completed successfully.


    \"They drew first blood not me.\"

  3. #3
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    Carefull with the 8080 ports though - some legitimate web traffic uses this port - I.E HTTPS.


    It seems a (for want of a better word) amateurish set-up - I dont mean the person who set it up is amateurish, I mean the equipment you have available to you and the actual hardware setup.
    The reason I say this is you make no mention of a Firewall, Proxy server (on your network) etc.

    If this is the case one way, depending on how many hosts are on the site is to go in to the Internet Options > Security > Restricted sites and them enter the Myspace.com URL.
    The take the option away for users to alter the Internet Options.

    Not an ideal solution by any means but it is a Solution!

    If I am wrong and you do have a firewall/proxy on your network - let us know what ones you have!

    Hope it helps!
    Drugs have taught an entire generation of kids the metric system.

    http://tazforum.**********.com/

  4. #4
    If you have the ability to filter via content, you can create your own myspace signature for the filter. There are several things unique to myspace, especially the logon page.


    You can take a static part of that and restrict any site that uses it. This will eliminate most proxies. The only time you will run into problems is with SSL based proxies.

  5. #5
    Senior Member Spekter1080's Avatar
    Join Date
    Oct 2005
    Location
    Iowa
    Posts
    101
    See if there is some sort of update or something for SonicWall as well. I know of a school that has a SonicWall that will block any attempt at accessing proxies. I do not know exactly what they changed, but it does work reasonably well.
    there's always a way in...

  6. #6
    Senior Member treanglin's Avatar
    Join Date
    Dec 2003
    Posts
    110
    Yeah, I thought about blocking ports and stuff until I noticed that the websites do not use any other port besides port 80. Try them for yourself if you are not already failiar with them: hidemyass.com eatmoreblueberries.com, vtunnel.com, atunnel.com, btunnel.com ctunnel.com, etc) It's a really clever type of service and It's been giving me a totally hard time. I'll look into updating the software on the Sonicwall router and see what happens. Also, yeah, I already tried using the IE restuctions. they are of no use w/ this kind of thing.
    I just used the built-in web page blocking feature of IE
    It worked at the one site that I work at because the kids havn't found out about the proxy websites.

    Thanks for replying though you guys. If I ever find a solution I will post it for anyone else out there who's looking for one.
    "Do you know why the system is slow?" they ask

    "It's probably something to do with..." I look up today's excuse ".. clock speed"
    -BOFH

  7. #7
    The ******* Shadow dalek's Avatar
    Join Date
    Sep 2005
    Posts
    1,564
    Could you not introduce a MSVP HOSTS file and manually enter the myspace URL, then make the folder the HOSTS file sits in restricted...HOSTS INFO so it can't be edited... May find some other answers at this site...
    PC Registered user # 2,336,789,457...

    "When the water reaches the upper level, follow the rats."
    Claude Swanson

  8. #8
    Dalek, that won't work, because of the proxy. Myspace is not actually being sccessed. It is all through the proxy.

  9. #9
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    But to go through the proxy you still have to type the My Webspace URL in to your address bar - if your have a hosts file enabled this is the first place that is checked before anything else.

    Try putting the my wbspace URL but with say googles IP addy in the Hosts file! then restrict write access to it
    Drugs have taught an entire generation of kids the metric system.

    http://tazforum.**********.com/

  10. #10
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Can you afford to put an inline snort box in place... Then you can write a fairly simple "drop" rule for any packet that contains "MySpace"... That would defeat anything but an encrypted connection.
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides