Re: Blocking Proxy/HTTP Tunneliing servers

[Valdis Kletnieks <Valdis.Kletnieks () VT EDU>]

On Mon, 06 Feb 2006 10:15:47 CST, Justin Dover said:
> I am curious to how you guys are handling these outside internet proxies that
> are allowing students to access websites that you specially block.  My
> situation is we block a few websites via DNS pointing the address to 127.0.0.1.

If students are intentionally and knowingly using 3rd party proxies to
bypass your block list, the only *appropriate* solution here is to apply
the penalties you spelled out in your AUP.  Otherwise, you're trying to
apply technical measures to solve what is at root a social problem.
Keep in mind that the *desired* goal is one where you can just tell them
"Don't do that", and they will in fact not do it, rather than do it just
to be difficult...

I'd suggest running Ethereal or similar, figure out what the requests to
proxies look like (hint - a URL inside the data section of a POST request
is likely suspect), and then run Snort or similar to find offenders.

Then round up the top 10 offending kids (you probably already know who they
are, anyhow), and make an example of them...

You may as well *totally* give up on the concept that you can *prevent* a
determined student from accessing inappropriate content - if the applicable
law *requires* that, I suggest a pair of wirecutter pliers.  Seriously.

Attachment: _bin
Description: