Re: [squid-users] WebDAV?

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Sat, 26 Apr 2003 12:02:56 +0200

On Saturday 26 April 2003 10.11, Ralf Hildebrandt wrote:
> Since WebDAV can be proxies using Squid, I'd like to know how we
> could restrict the export of data from our network to the outside
> via our Squid proxies.

By denying the WebDAV methods. Most likely easier to do the opposite
and allow only normal browsing methods:

  GET
  HEAD
  POST (*1)
  CONNECT (*2)

*1) You probably want to deny POST with req_mime_type
multipart/x-form-data, as this is used by file upload forms.

*2) Note that you won't have any control over https:// sites, so you
should probably not allow the CONNECT method except for well known
destinations.

> Related issue: Some P2P tools can use HTTP Proxies. Are there any
> tools that can spot such traffic in the access.log?

Not in a general term, but it should not be hard at all to make simple
filters which spots the common ones. Most P2P tools are not true P2P
and makes use of central servers at well known addresses as
connection points. These can be spotted very easily once identified.

Also, some of the P2P tools advertise a good User-Agent (as they
should) and can be fully identified.

I am not aware of any document on how the different P2P tools can be
identified.

Regards
Henrik

-- 
Donations welcome if you consider my Free Squid support helpful.
https://www.paypal.com/xclick/business=hno%40squid-cache.org
If you need commercial Squid support or cost effective Squid or
firewall appliances please refer to MARA Systems AB, Sweden
http://www.marasystems.com/, info@marasystems.com
Received on Sat Apr 26 2003 - 04:02:11 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:15:31 MST