-
March 23rd, 2006, 10:17 PM
#1
Defeating CGI-Proxies???
Hey you guys. ( sighs) I'm stuck. For the past week I have been attempting to block this myspace website at work and I've run into problems. At one of the buildings I work at we are just using a Linksys router w/ no url blocking or ip blocking mechanisms. (I've updated the firmware and everything). So at that site I just used the built-in web page blocking feature of IE, and so far this has worked. At the second site, which uses firefox, we have a SonicWall router that has all sorts of wonderful features like firewall settings and content filtering...but, alas, the kids have finally figured out about cgi-proxy servers. Myspace.com has literally led to fights among individuals and gangs here in Rochester (and we already had enough fights w/o the website. Just today I had to leave the site mentioned above because 4 fights broke out in the building and the fire alarm was pulled 2wice) and so to crack down on kids being able to access the site (they will spend hours on the thing) we have been blocking it. But now that these kids keep finding differnt proxy servers to bypass our filters I'm trying to find out more about how these specific servers work and stunt their effectiveness. Is there anyone out there who knows how to break the effectiveness of these servers w/o having to add each one to our filter list?
"Do you know why the system is slow?" they ask
"It's probably something to do with..." I look up today's excuse ".. clock speed"
-BOFH
-
March 24th, 2006, 12:44 AM
#2
At your borderline routers/firewalls, I would try filtering out any outbound proxy connections. Some common proxy ports are:
81,8080,1080,3128,6588
So this:
Computer--->Firewall--->Proxy------>MySpace
becomes:
Computer------->Firewall
Computer<-------Firewall
Good luck
The command completed successfully.
\"They drew first blood not me.\"
-
March 24th, 2006, 12:56 AM
#3
Carefull with the 8080 ports though - some legitimate web traffic uses this port - I.E HTTPS.
It seems a (for want of a better word) amateurish set-up - I dont mean the person who set it up is amateurish, I mean the equipment you have available to you and the actual hardware setup.
The reason I say this is you make no mention of a Firewall, Proxy server (on your network) etc.
If this is the case one way, depending on how many hosts are on the site is to go in to the Internet Options > Security > Restricted sites and them enter the Myspace.com URL.
The take the option away for users to alter the Internet Options.
Not an ideal solution by any means but it is a Solution!
If I am wrong and you do have a firewall/proxy on your network - let us know what ones you have!
Hope it helps!
-
March 24th, 2006, 01:05 AM
#4
If you have the ability to filter via content, you can create your own myspace signature for the filter. There are several things unique to myspace, especially the logon page.
You can take a static part of that and restrict any site that uses it. This will eliminate most proxies. The only time you will run into problems is with SSL based proxies.
-
March 24th, 2006, 05:39 PM
#5
See if there is some sort of update or something for SonicWall as well. I know of a school that has a SonicWall that will block any attempt at accessing proxies. I do not know exactly what they changed, but it does work reasonably well.
there's always a way in...
-
March 25th, 2006, 07:16 PM
#6
Yeah, I thought about blocking ports and stuff until I noticed that the websites do not use any other port besides port 80. Try them for yourself if you are not already failiar with them: hidemyass.com eatmoreblueberries.com, vtunnel.com, atunnel.com, btunnel.com ctunnel.com, etc) It's a really clever type of service and It's been giving me a totally hard time. I'll look into updating the software on the Sonicwall router and see what happens. Also, yeah, I already tried using the IE restuctions. they are of no use w/ this kind of thing.
I just used the built-in web page blocking feature of IE
It worked at the one site that I work at because the kids havn't found out about the proxy websites.
Thanks for replying though you guys. If I ever find a solution I will post it for anyone else out there who's looking for one.
"Do you know why the system is slow?" they ask
"It's probably something to do with..." I look up today's excuse ".. clock speed"
-BOFH
-
March 25th, 2006, 08:31 PM
#7
Could you not introduce a MSVP HOSTS file and manually enter the myspace URL, then make the folder the HOSTS file sits in restricted...HOSTS INFO so it can't be edited... May find some other answers at this site...
PC Registered user # 2,336,789,457...
"When the water reaches the upper level, follow the rats."
Claude Swanson
-
March 25th, 2006, 09:12 PM
#8
Dalek, that won't work, because of the proxy. Myspace is not actually being sccessed. It is all through the proxy.
-
March 25th, 2006, 09:18 PM
#9
But to go through the proxy you still have to type the My Webspace URL in to your address bar - if your have a hosts file enabled this is the first place that is checked before anything else.
Try putting the my wbspace URL but with say googles IP addy in the Hosts file! then restrict write access to it
-
March 25th, 2006, 09:40 PM
#10
Can you afford to put an inline snort box in place... Then you can write a fairly simple "drop" rule for any packet that contains "MySpace"... That would defeat anything but an encrypted connection.
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|