Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 10-28-2005, 03:22 AM   #1
Registered: Oct 2005
Location: Australia
Distribution: slackware 12.1
Posts: 753

Rep: Reputation: 32
some bypass my firewall!

i recently joined up the sysdept in my workplace. firewall here uses a mix of squid and iptables to block/accept certain kind of traffics and/or give access to some user to access certain sites or use messengers. i have found out an interesting thing going on here but. some users with no priveleges to access hotmail and msn msgr are still using it and i have no clue as to how they are doing this. we have blocked the dport of restricted sites for all the users except some and they shouldn't have access to them. still i can't figure it out. can somebody guide me as to how they are doing it and what can i do to block them permanently? the reason for blocking such sites are unknown to me so only the management knows.
Old 10-28-2005, 05:54 AM   #2
Registered: Nov 2002
Location: Kent, England
Distribution: Debian Testing
Posts: 19,192
Blog Entries: 4

Rep: Reputation: 470Reputation: 470Reputation: 470Reputation: 470Reputation: 470
Could they be using their own proxy servers? An anonymizer? You need to look at their traffic logs.

Slightly harsh but you could just boot them from the network for irregular use and make them tell you what they did when they come to complain. If they signed an agreement to not bypass security restrictions and they are doing that, you have every right to boot them.
Old 10-28-2005, 07:34 AM   #3
Senior Member
Registered: Sep 2005
Location: Out
Posts: 3,307

Rep: Reputation: 55

Does using a tunnel in http violates the policy?
What should a policy mention to forbid this?
I have lots of friends that do this in my company and I'm really wondering..

Talk before booting maybe .. If this reappears, boot
Old 10-29-2005, 07:22 AM   #4
Registered: Feb 2005
Location: ~h3av3n~
Distribution: RHEL 4, Fedora Core 3,6,7 Centos 5, Ubuntu 7.04
Posts: 227

Rep: Reputation: 30
They must be using something like this:

Why not use SquidGuard or DANS guardian

Last edited by ~=gr3p=~; 10-29-2005 at 07:26 AM.
Old 10-30-2005, 01:45 AM   #5
Registered: Oct 2005
Location: Australia
Distribution: slackware 12.1
Posts: 753

Original Poster
Rep: Reputation: 32
i think this is it. i am checking my access.log files for any occurences of the sites that i have collected through visiting sites provided by gr3p. i will write back if i find something interesting...
Old 10-30-2005, 10:17 PM   #6
Registered: Oct 2005
Location: Australia
Distribution: slackware 12.1
Posts: 753

Original Poster
Rep: Reputation: 32
i found out an unusual site which provides webproxy service to anomously surf the web. there are hundreds of similar sites in the web like, etc.. that provide this kind of service. anyway i got to the core of it. thanx everybody.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
security bypass fid def Linux - Newbie 16 08-24-2005 09:28 AM
Can route through bypass firewall? Randomandy Linux - Networking 1 08-15-2005 08:33 PM
How do I bypass GRUB? minrich SUSE / openSUSE 4 06-06-2005 07:28 PM
Bypass proxy hotplainrice Linux - Networking 1 02-26-2005 06:13 AM
How can I bypass certain permissions? jnassiri Mandriva 8 08-14-2004 06:40 PM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:25 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration