Jeffrey Goldberg wrote:
> On Jul 6, 2007, at 2:33 PM, RW wrote:
>> If this box is not the gateway, there is no point in doing anything
>> about this because they can simply turn-off proxying and go direct to
>> the internet.
> However, on your gateway you can specify that only the proxy box is
> allowed to connect to the web.  That is block all outbound traffic to 
> ports 80 and 443 unless they come from the machine running squid.

This is of course granted that the gateway has a strict firewall rule
set that allows minimal, known destination ports and by default would
block external, free proxies (and anything else) that run on unusual
ports (eg: 50001) as someone else suggested.

_______________________________________________ mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to