RE: Web filter recommendations request: moderate price with good CGI/PHP proxy filtering

["Petter Bruland" <pbruland () fcglv com>]

Hi Andrew,

I assume you have a firewall or a router somewhere between your users
and the Internet, so you should be able to block these proxy sites.

Or if you use Cisco or any other brand of routers that support rules to
forward web traffic to a proxy, and then setup a Linux box with Squid
for backend filtering. With Squid you get pretty good control over the
web traffic, as well as there are some really good tools for log
reporting.

If it's a Windows environment with Active Directory, you could also
setup a GPO to force IE to use an internal Squid proxy... although I
hope your users use Firefox :-) And then you might have to create your
own ADM template files for forcing proxy settings (I've never done that,
as we have WebSense here and it ROCKS! sorry...)

That's my two cents, and now we sit back and let some of the 1337 h4x0rs
give us some top notch suggestions :-)

-Petter 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Andrew Stewart
Sent: Monday, October 08, 2007 7:23 AM
To: security-basics () securityfocus com
Subject: Web filter recommendations request: moderate price with good
CGI/PHP proxy filtering

Currently the company I work for currently uses DansGuardian
<http://dansguardian.org/> for our web content filtering, but we are
having a problem with people using CGI/PHP proxies (such as the ones
below) to bypass it.  Websense <http://www.websense.com> seems to be the
gold standard in content filtering, but the price on it would really hit
our budget hard.  Does anyone here have something cheaper that I should
take a look at?


Here are some of the CGI/PHP proxies we have discovered users utilizing
to bypass our content filtering:
<http://56st.com>
<http://www.proxysf.com>
<http://blackip.info>

-aws