On Sat, 2 Jun 2007, Andrei Verovski (aka MacGuru) wrote:-
>Hi !
>
>We have Squid installed as transparent proxy, and it blocks certain web sites.
>However, I we have seen some users use public proxies like ninjaproxy in
>order to visit these sites.
My guess is that you're trying to stop users behind your firewall from
accessing sites outside the firewall without using your proxy.
>Is there any way to block public proxies along with those annoying sites?
The simplest way I can thing of would be to block the common proxy
ports[0] on the firewall except where they originate from the official
proxy. An alternative would be to additionally use port-forwarding of
those same ports, as well as ports 80 and 443, and have all the traffic
go through the proxy.
The only problem with this is that, at some point, someone will find an
open or public proxy on a different port, and then you get to add that
port to your list.
[0] 3128, 8080, 8088, and if you want to block SOCKS4/5, 1080 as well.
Regards,
David Bolt
--
Member of Team Acorn checking nodes at 50 Mnodes/s: http://www.distributed.net/
RISCOS 3.11 | SUSE 10.0 32bit | SUSE 10.1 32bit | openSUSE 10.2 32bit
RISCOS 3.6 | SUSE 10.0 64bit | SUSE 10.1 64bit | openSUSE 10.2 64bit
TOS 4.02 | SUSE 9.3 32bit | | openSUSE 10.3a4 32bit
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
