RE: [squid-users] prevent direct access

Hello, helpdesk. The web is busted, I get this error page. Read the page and
feel free to call back if you have any problems.

That is still less time for the helpdesk than walking users through the
whole setup. Be creative with the webpage, don't use black text with no
pictures. Make the headline say something like "Not your everday error page"
or "ahhh, want net? Read this" Put a cartoon or other graphic on the page.

On regedit: You wouldn't run regedit on the webpage, you'd provide a link
that they could download or run from the webpage. The only thing this file
could do would be to change their proxy settings. If someone could get onto
the webserver and change this reg hack then when the users ran it all sorts
of things might happen. BUT...if they could get onto the server and change
it, they could also get on the server, change the webpage, and add a little
script of their own anyways. I don't see offering a reg change file/fix on a
webpage as a security risk at all.

Chris

-----Original Message-----
From: Jawed Ahmed [mailto:jawed@teamsap.adaniwilmar.com]
Sent: Monday, September 27, 2004 1:27 AM
To: squid-users@squid-cache.org
Subject: Re: [squid-users] prevent direct access

hi,
yes..I have done what you suggested..but the thing is that..the moment they
see that error page..no one bother to read the instructions to change the
settings..they immediately call up the IT..'Internet is down'...so I was
wondering if there is someway to get it done on the fly...

if regedit is only way of doing it..then I would definitely not prefer
it..running regedit any way won't be possible on the remote machine through
a webpage..big security risk !

thanks for the time

Jawed

On 27 Sep 2004 at 15:17, Richard wrote:

> Hi,
>
> The only suggestion I could offer is re-directing your users to a site
> that has 1 or both of the following:
>
> 1: Instructions on how to configure IE.
> 2: Link to a job that could be excetuted to run a silent regedit which
> would set the users proxy server (only works with windows)
>
> As far as automatically changing settings goes I think it might be a
> little difficult.
>
>
> On Mon, 27 Sep 2004 09:11:41 +0530, Jawed Ahmed
> <jawed@teamsap.adaniwilmar.com> wrote:
> > hi group,
> > a few days ago, henrik had suggested that we can prevent smart users
> > from accessing the net directly by redirect users from port 80 to
> > some other port where we can host a single page on the webserver asking
them to use the proxy server.
> >
> > I wanted to know if it is possible to put some script on that page
> > to which users are redirected, which will automatically configure
> > the IE proxy settings to the one which we want..I read somewhere
> > that it can be done..but havne't been successful in googling out the
relevant info..
> >
> > if someone knows, then please guide me to the URLs so that I can
accomplish that.
> >
> > warm regards,
> > Jawed Ahmed
> >
> >
Received on Mon Sep 27 2004 - 08:50:39 MDT