Educause Security Discussion mailing list archives
Re: Blocking Proxy/HTTP Tunneliing servers
From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Mon, 6 Feb 2006 13:13:11 -0500
On Mon, 06 Feb 2006 10:15:47 CST, Justin Dover said:
I am curious to how you guys are handling these outside internet proxies that are allowing students to access websites that you specially block. My situation is we block a few websites via DNS pointing the address to 127.0.0.1.
If students are intentionally and knowingly using 3rd party proxies to bypass your block list, the only *appropriate* solution here is to apply the penalties you spelled out in your AUP. Otherwise, you're trying to apply technical measures to solve what is at root a social problem. Keep in mind that the *desired* goal is one where you can just tell them "Don't do that", and they will in fact not do it, rather than do it just to be difficult... I'd suggest running Ethereal or similar, figure out what the requests to proxies look like (hint - a URL inside the data section of a POST request is likely suspect), and then run Snort or similar to find offenders. Then round up the top 10 offending kids (you probably already know who they are, anyhow), and make an example of them... You may as well *totally* give up on the concept that you can *prevent* a determined student from accessing inappropriate content - if the applicable law *requires* that, I suggest a pair of wirecutter pliers. Seriously.
Attachment:
_bin
Description:
Current thread:
- Blocking Proxy/HTTP Tunneliing servers Justin Dover (Feb 06)
- <Possible follow-ups>
- Re: Blocking Proxy/HTTP Tunneliing servers Joel Rosenblatt (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers Ken Connelly (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers Gary Flynn (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers Graham Toal (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers Justin Dover (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers Graham Toal (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers Christopher Chow (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers Justin Dover (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers Valdis Kletnieks (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers Justin Dover (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers O'Callaghan, Daniel (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers Graham Toal (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers Cal Frye (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers John Nunnally (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers John Nunnally (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers John Stauffacher (Feb 06)
- Re: Blocking Proxy/HTTP Tunneliing servers Justin Dover (Feb 07)
- Re: Blocking Proxy/HTTP Tunneliing servers George Bailey (Feb 07)
- Re: Blocking Proxy/HTTP Tunneliing servers Tran , Lieu D (Feb 07)
(Thread continues...)