On 5/10/2010 9:44 PM, John Dakos wrote:
Kromonos thank you for your message.
But I know this way with dstdom..... but the problem is... on web has a
hundreds bypass proxy sites... this is no way for administrators. I spend a
lot of time to search on google for bypass domains.
Another idea ?
A method I used quite effectively at the school I work for (before the
education department got their act together) was this:
* Block HTTPS to IP addresses - very very few legitimate reasons for
this to be happening.
* Block common path names for CGI proxies - I found blocking URLs with
"cgi" and "nph" in them to be fairly effective. Only had one case of a
legitimate site being blocked here.
* Compile a list of free subdomain based dynamic DNS services -
configure a separate log file for requests that hit these, and monitor
them. I was randomly checking a few entries when I had a spare few minutes.
* Subscribe to proxy bypass mailing lists such as PeaceFire (subscribe
to a few). I found it useful to monitor these for a day or 2 after
getting them so I could find out who was getting the info, and from where.
Tim B
