[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[K12OSN] Re: squidguard and reverse lookups



> Date: Tue, 24 Jun 2003 09:50:37 -0400
> From: Mike Rambo <mrambo lsd k12 mi us>
> To: k12os list <k12osn redhat com>
> Subject: [K12OSN] squidguard and reverse lookups
> Reply-To: k12osn redhat com
>
> We've just realized that it is somewhat of a big deal that squidGuard
> doesn't do reverse lookups to check for blocked sites. The reason we
> noticed is that some enterprising student figured out he could do a
> nslookup on playboy.com and go directly to 
>
>   http://209.247.228.201
>
> without any blocking taking place. I checked the ip of a couple of the
> other big names. Penthouse I found blocked by ip as well as name in the
> blacklists. Hustler.com has two ip's neither of which were in the
> blacklists (but in their case they also appear to do some redirecting
> when arriving at the site that causes it to get blocked anyway). I hope
> there aren't too many sites out there that are only in the blacklists by
> name. This makes me think back to all of the sites I've added to
> local-block and have done so only by name. There's probably a good
> chance that at least some of them are still accessible directly by ip.
>
> I'm wondering if anyone else has run into this problem and how you
> handle it.
>

For my home, I just installed CensorNet, www.censornet.com.  This is a
Debian(?) distribution with Dansguardian and other pieces to help administer
blocking.  One feature/drawback is that all the MAC addresses of machines
that will access the internet need to be auto-discovered or manually
entered.  This feature does allow you to ensure that certain machines do not
have access to the internet though.

They offer a reasonably priced subscription service for blacklist updates
(~$175 USD per year) and even have a add-in that detects "skin" and blocks
those images (It's not on the price list so I assume that means "expensive"
both in terms of cost and server hardware).

There is a bridging patch that I installed since I didn't want to use the
CensorNet box as my firewall.  It works well.

Overall, I'd certainly take a look at this distribution.  I've not heard
much/anything about it on this list so I thought I'd bring it to everyone's
attention.

Hope this helps.
Dale





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]