[K12OSN] Fedora 2 vs WB3 or RHE3 and old proxy by-pass prob

[k12osn at collinsoft.com]

On Sun, 6 Jun 2004, Terrell Prude', Jr. wrote:
> k12osn at collinsoft.com wrote:
> >This still won't stop someone from running an anonymous proxy service that 
> >acts as a website. I'm not familiar with circumventor at all, but I have 
> >seen software where you surf to the website running on a home machine, it 
> >asks for a url, and it sends the page to you, bypassing any filtering you 
> >might have done. A good example on how this works would be 
> >http://www.anonymizer.com/ (which should be blocked in your filtering 
> >software!).
> 
> You're absolutely correct; someone can do all of that. However, it'll 
> show up in your logs (you are checking your logs, right? :-) ), and you 
> can block that site, either from within 
> DansGuardian/squidGuard/whatever, or on your packet filter, the same way 
> you block www.anonymizer.com. Not sure if you're about to block a "real" 
> Web site? nslookup and whois can be your friends here.
> 
> Oh, by the way, as it shows up in the logs, you can coordinate that with 
> the source IP address, i. e. the client box, thus narrowing down which 
> school, which switch port, therefore which drop in which room, at what 
> time, and you have nailed that kid. I've had to do this kind of thing 
> many times, and we do run DHCP w/ private IP addresses, and yes, I am 
> successful nearly every time. Not that I'm particularly brilliant; it 
> just ain't that hard. ;-)

I do go through the logs, but sometimes I will miss things (especially 
when our log files are around 100MB a week. :-)

Anyway, I think we both agree technology can solve 99% of this problem, 
the other 1% is vigilant enforcement!

-- 
Ryan Collins
Technology Coordinator - Kenton City Schools
http://www.kentoncityschools.org/