Well, i have some problems with this software (ultra-surf). We using
pfsense + squid (as transparent proxy). I know two ways to block this
software.
1 - Drop all connections to the port 443 and accept only your trust
destinations.
2 - Use proxy on browser for https protocol. Later, drop the port 443
and accept connections only of proxy server.
Well, maybe exists another ways.
Thank's!
Sorry for my bad english!
Zhu Sha Zang escreveu:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
cassio lima escreveu:
I used www.opendns.com <http://www.opendns.com>
On Wed, Aug 12, 2009 at 4:55 PM, Tim Nelson <[email protected]
<mailto:[email protected]>> wrote:
----- "Zhu Sha Zang" <[email protected]
<mailto:[email protected]>> wrote: Hey, i'm using pfsense
with transparent proxy (squid + squidGuard) working well here.
But some users on my network are using ultrasurf that everything
know use port 443 to connect on proxyes around internet.
Isn't possible to block 443 port and open it selectively.
Then, how the better way to block ultrasurf in this situation?
thanks.
You could put a rule on your LAN (or whatever interface your users
connect from) that blocks all outbound HTTPS traffic. Then, keeping
rule order in mind, selectively create allow rules for those IP's
you wish to allow outbound access to HTTPS. Ensuring the legitimate
users have the proper IP address and the malicious users don't
change it manually or spoof it is a whole different story. :-)
Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332
x105
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
<mailto:[email protected]> For additional commands,
e-mail: [email protected] <mailto:[email protected]>
Commercial support available - https://portal.pfsense.org
Hey dude, i don't understand.
How u're using opendns? How this can block this type of problem?
Please, tell me more about this.
Thanks for now.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkqEFEIACgkQ35zeJy7JhCh9OACeNyn6jAcvspy9E7GEEsaJuwiy
4f8An1rv+fZxygUUI6R/B+LTTDLLKIhV
=o5BM
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
