i dont know if this is valid for TOR ... but at least Ultrasurf,
which i have analized a bit further, encapsulates traffic over squid
always using CONNECT method and connecting to an IP address. It's
basically different from normal HTTPS traffic, which also uses CONNECT
method but almost always (i have found 2-3 exceptions in some years)
connects to a FQDN.
So, at least with Ultrasurf, i could handle it over squid simply
blocking CONNECT connections which tries to connect to an IP address
instead of a FQDN.
Of course, Ultrasurf (and i suppose TOR) tries to encapsulate
traffic to the browser-configured proxy as last resort. If it finds an
NAT-opened network, it will always tries to go direct instead of through
the proxy. So, its mandatory that you do NOT have a NAT-opened network,
specially on ports TCP/80 and TCP/443. If you have those ports opened
with your NAT rules, than i really think you'll never get rid of those
services, like TOR and Ultrasurf.
Em 18/11/11 14:03, Carlos Manuel Trepeu Pupo escreveu:
> So, like I see, we (the admin) have no way to block it !!
>
> On Thu, Sep 29, 2011 at 3:30 PM, Jenny Lee<bodycare_5_at_live.com> wrote:
>>
>>> Date: Thu, 29 Sep 2011 11:24:55 -0400
>>> From: charlie.mtp_at_gmail.com
>>> To: squid-users_at_squid-cache.org
>>> Subject: [squid-users] block TOR
>>>
>>> There is any way to block TOR with my Squid ?
>> How do you get it working with tor in the first place?
>>
>> I really tried for one of our users. Even used Amos's custom squid with SOCKS option but no go.
>>
>> Jenny
-- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertrudes_at_solutti.com.br My SPAMTRAP, do not email itReceived on Fri Nov 18 2011 - 20:39:39 MST
This archive was generated by hypermail 2.2.0 : Sat Nov 19 2011 - 12:00:03 MST