Hi Hamish You got a couple of options,
1. terminal services/citrix, for web access and lock it down. (Personal Fav, I don;t even let my users right click. :) ) 2. A managed router/switch to block tcp/udp to proxy IP, from there network. 3. A reg key which sets and locks the proxy settings via a login script and removed via log off script. 4. Sniff/Obtain the mac address of the offending students and block there traffic on the proxy. 5. Setup the proxy to accpect traffic only from filter and other systems and drop the rest. 6. Sniff/Obtain the mac address of the offending students and wave a wooden stick at them. Should last 1-4 weeks. :) Hope this helps. Mahesh > We've currently got a problem with girls bypassing > our web filtering > system and connecting directly to our proxy server, > a backdoor > deliberately left for certain applications. They are > only able to do it > from the boarding house where some of them have > their own laptops. The > boarding house is its own physical network, linked > via a fibre optic cable > to the rest of our network. > > Changing anything in the server setup is not really > practical as some > applications need to talk directly to the proxy > server and need to be hard > coded to do so. However, I can place something > between the boarding house > network and the rest of the network. I was thinking > an IP Cop firewall > which will allow all traffic from the boarding house > thru except port > 8080. Will this work? Is there a better way of doing > it? > > Cheers > > ------------------------------------------------- > Hamish McBrearty MCSE MCSA > Network Engineer > Rangi Ruru Girls' School > 59 Hewitts Road > Christchurch > NEW ZEALAND > Ph 03 355-6099 > Fax 03 355-6027 > CELL 021 999770 > E-Mail: [EMAIL PROTECTED] > -------------------------------------------------- > > ===== For Linux CD's check out http://www.xsolutions.co.nz http://mobile.yahoo.com.au - Yahoo! Mobile - Check & compose your email via SMS on your Telstra or Vodafone mobile.
