LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 12-21-2007, 12:06 PM   #1
whatch
LQ Newbie
 
Registered: Dec 2007
Posts: 12

Rep: Reputation: 0
bypass firewall with https proxy


I am a ed-technologist in a 4 school supervisory union in Vermont. The district has been using a Sonicwall firewall with content filtering for a couple years. They recently noticed a lot of traffic tunneling through the firewall by students using https proxies. Sonicwall has not been much help with the problem.

I have used Squid and Dansguardian in the past. Will these programs easily block https? What distribution would you suggest for ease of use and administration? It would be nice if Dansguardian and Squid came preinstalled, so all we had to do was tweak it. Thanks! -Will
 
Old 12-21-2007, 06:07 PM   #2
Ricky
Member
 
Registered: Sep 2003
Posts: 34

Rep: Reputation: 15
hmm.....

May be I am not getting you clearly but..
If you are provinding acces through direct proxy ie. student provided with IP and Port for proxy then disable every other port. Next, squid can block unwanted ports on its own .
There are software like packages like smoothwall etc.. they may be of your help!
 
Old 12-21-2007, 06:19 PM   #3
dasy2k1
Member
 
Registered: Oct 2005
Location: 127.0.0.1
Distribution: Manjaro
Posts: 963

Rep: Reputation: 36
totally blocking https would be counter productive as it would perclude the use of 90% of webmail based email accounts (hotmail, gmail etc)
 
Old 12-22-2007, 05:11 AM   #4
prasanta
Member
 
Registered: Mar 2005
Location: India
Distribution: Debian
Posts: 368

Rep: Reputation: 37
Quote:
Originally Posted by dasy2k1
totally blocking https would be counter productive as it would perclude the use of 90% of webmail based email accounts (hotmail, gmail etc)
Yes that is true. I was facing the similar situation wherein people are using https proxies to browse the net. The only solution that I could figure out in that moment is to write an acl in squid that filters the word 'proxy'. Though this is not a solution but it somewhat solved my purpose for the time being. A better solution might exists.

--
Prasanta
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Preventing DansGuardian Bypass via HTTPS Proxies win32sux Linux - Security 16 08-19-2008 04:08 PM
Bypass proxy inaki Linux - Server 8 05-21-2008 01:02 PM
How to bypass proxy auth using squid sixth_sense Linux - Networking 7 09-20-2007 07:43 PM
Bypass Proxy Ungluun Linux - Networking 4 03-10-2005 01:42 AM
Bypass proxy hotplainrice Linux - Networking 1 02-26-2005 07:13 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 05:57 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration