Re: FW: [squid-users] How to Block ByPass proxy Sites...... from Amos Jeffries on 2010-10-05 (squid-users)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Wed, 06 Oct 2010 00:30:09 +1300

On 05/10/10 23:44, John Dakos wrote:
> Kromonos thank you for your message.
>
> But I know this way with dstdom..... but the problem is... on web has a
> hundreds bypass proxy sites... this is no way for administrators. I spend a
> lot of time to search on google for bypass domains.

Indeed. It gets worse when you notice that proxies can sit at the other
end of HTTPS links, or nested in javascript inside a random page.

>
> Another idea ?
>

Alternatives:
  * Don't block.
  * pay someone to spend all their time identifying ways to keep your
blocks working.
  * Block the entire Internet and whitelist individual websites that you
have checked and approved. The logs of failed lookups are a good
starting point.
  * Pass the cost of all that time on to the users. That requires strong
usage policies which place hard penalties on people caught bypassing the
blocks and management backing to enforce those penalties.

Large and powerful governments have tried to do what you ask and still
fail even with this last approach. see
http://en.wikipedia.org/wiki/Internet_censorship for some other
techniques that have been tried.

Amos

>
> -----Original Message-----
> From: kromonos_at_user-helfen-usern.de [mailto:kromonos_at_user-helfen-usern.de]
> Sent: Tuesday, October 05, 2010 1:20 PM
> To: squid-users_at_squid-cache.org
> Subject: Re: [squid-users] How to Block ByPass proxy Sites......
>
> You could use single block:
>
> acl zerobypass dstdomain .zerobypass.info http_access deny zerobypass
>
> or you could create a "bad domain file":
>
> acl BAD_DOMAINS dstdom_regex -i "/etc/squid/bad_domains"
> http_access deny BAD_DOMAINS
>
> in /etc/squid/bad_domains you enter the bad domains. One per line:
>
> .zerobypass.info
> .zerobypass.com
> ....
>
> Am Tue, 05 Oct 2010 schrieb John Dakos:
>
>>
>> Hello all.
>>
>> Many users are join to sites such as ... www.zerobypass.info and
>> bypass squid proxy... and join to facebook etc etc...
>>
>> Is any way to block this sites ?
>>
>> Thanks
>>
>
>
>
> __________ Information from ESET NOD32 Antivirus, version of virus signature
> database 5504 (20101005) __________
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com
>
>

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.8
   Beta testers wanted for 3.2.0.2

Received on Tue Oct 05 2010 - 11:30:13 MDT

This archive was generated by hypermail 2.2.0 : Tue Oct 05 2010 - 12:00:02 MDT