* Block proxy use.
@ 2004-11-22 13:49 Stian B. Barmen
From: Stian B. Barmen @ 2004-11-22 13:49 UTC (permalink / raw)
  To: netfilter


Is there some kind of filter for netfilter that can block access to
anonymous proxies? The problem I often face is that the most advanced
users always can work around the firewall by using proxies. 

I know that I could run a proxy myself but this is not exactly what I
want. The best would be if there could be a filter similar to ipp2p
which would check for a "proxy signature" and block those
communications. 

Best regards
Stian B. Barmen


* Re: Block proxy use.
From: Jason Opperisano @ 2004-11-22 16:01 UTC (permalink / raw)
  To: netfilter

On Mon, Nov 22, 2004 at 02:49:30PM +0100, Stian B. Barmen wrote:
> Is there some kind of filter for netfilter that can block access to
> anonymous proxies? The problem I often face is that the most advanced
> users always can work around the firewall by using proxies. 
> 
> I know that I could run a proxy myself but this is not exactly what I
> want. The best would be if there could be a filter similar to ipp2p
> which would check for a "proxy signature" and block those
> communications. 

best option:  run squid, transparently proxy connections to it, block
access to remote proxies by category with squidGuard and a decent
blacklist; or, by restricting HTTP CONNECT method.

sub-optimal options:

create a list of known remote proxies and block access to them via IP
address in netfilter or by black-holing the domains in your DNS server.

use something like l7filter (which i have zero experience with) to block
HTTP CONNECT requests.  note that this method is powerless against
remote proxies that use SSL.

-j

--
"Lisa, Vampires are make-believe, like elves, gremlins, and Eskimos."
        --The Simpsons
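
The netfilter side of the options in the reply above, as an added example that is not part of the original thread: it prints (does not apply) rules that reject traffic to a list of known proxy addresses and redirect plain HTTP to a local Squid. The interface `eth1`, Squid port 3128, the chain name `PROXYBLOCK` and the blocklist file format are assumptions.

```shell
#!/bin/sh
# Added example: emit netfilter rules for review; pipe the output to sh to apply.
# Assumed placeholders: LAN interface eth1, Squid on local port 3128.
LAN_IF="${LAN_IF:-eth1}"
SQUID_PORT="${SQUID_PORT:-3128}"

# Return 0 if $1 is a dotted-quad IPv4 address with an optional /0-32 prefix.
valid_ipv4() {
    addr=${1%%/*}
    case $1 in
        */*) pfx=${1#*/}
             case $pfx in ''|*[!0-9]*) return 1 ;; esac
             [ "${#pfx}" -le 2 ] && [ "$pfx" -le 32 ] || return 1 ;;
    esac
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr            # split the address into its octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the rule set for blocklist file $1 (one address or CIDR per line,
# '#' comments allowed). Hostnames and malformed entries are reported on
# stderr and skipped, so a bad line never reaches iptables.
emit_rules() {
    echo "iptables -N PROXYBLOCK"
    while read -r entry rest || [ -n "$entry" ]; do
        case $entry in ''|'#'*) continue ;; esac
        if valid_ipv4 "$entry"; then
            echo "iptables -A PROXYBLOCK -d $entry -j REJECT"
        else
            echo "skipped invalid entry: $entry" >&2
        fi
    done < "$1"
    echo "iptables -I FORWARD -i $LAN_IF -j PROXYBLOCK"
    # Intercept plain HTTP so Squid (squidGuard, CONNECT limits) sees it.
    echo "iptables -t nat -A PREROUTING -i $LAN_IF -p tcp --dport 80 -j REDIRECT --to-ports $SQUID_PORT"
}

# Usage: sh thisfile blocklist.txt
if [ $# -gt 0 ]; then emit_rules "$1"; fi
```

As the reply notes, an address list only covers proxies already known, and the port 80 redirect does not see proxies reached over SSL.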

