Re: [squid-users] Squid 3.1.x and detect/disable http tunneling over proxe web sites

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Fri, 09 Mar 2012 01:30:45 +1300

On 9/03/2012 1:01 a.m., Josef Karliak wrote:
> Good afternoon,
> is it able to detect somehow (and disable) tunneling http regular
> web thru proxy web sites ? For example porn web site thru
> "hidemyass.com". There are a lot of web proxies, couldn't locate
> everyone and disable it :). How do you solve it ?
> Thanks and best regards
> J.K.
>

It is not possible to get them all. You can look for public lists and/or
commercial lists. Even so it is a full time job or more just to stay
updated.

The better solution is to work out policies that the users can agree to
and willing to work within. Educate where possible about why you do the
things you need to do and what the benefits are for the users in
following along. And get management on-side to assist with enforcing
restrictions when people are caught going against the agreement. A
policy without teeth is just so much hot air.

Compare your network setup against
http://wiki.squid-cache.org/SquidFaq/ConfiguringBrowsers#Recommended_network_configuration
to see if you have missed a useful layer.

Amos
Received on Thu Mar 08 2012 - 12:30:52 MST

This archive was generated by hypermail 2.2.0 : Thu Mar 08 2012 - 12:00:02 MST