[K12OSN] Lock down Mozilla Proxy Settings

Joe Guenther jguenther at chinooksedge.ab.ca
Wed May 26 20:15:36 UTC 2004

My first impression would be to configure the firewall so that the proxy can
talk out, but not the users.  Then they can configure the proxy settings to
anything they want, but they will very quickly come back to your proxy - as
it is the only way out the door.

IPTABLES can filter packets based on UID ... thus proxy can get out, but the
user cannot. ... :-)

I battled with this concept at my last school, and that is the solution we
came up with.  I guess a person could do transparent proxy but that also has
its disadvantages.

hope this was helpful

-----Original Message-----
From: k12osn-bounces at redhat.com [mailto:k12osn-bounces at redhat.com]On
Behalf Of Jim Christiansen
Sent: Wednesday, May 26, 2004 1:26 PM
To: k12osn at redhat.com
Subject: [K12OSN] Lock down Mozilla Proxy Settings

Well, it finally happened.  My students finally figured out that they could
provide another proxy address and by-pass  my IPCop transparent proxy...

I know there are write-ups out there about modifying the Mozilla settings,
but is there a really quick and dirty way of doing this?  In windows I used
to set the intctrl.something file to no access and it stopped the Tools menu
from access.



MSN Premium helps eliminate e-mail viruses. Get 2 months FREE*

K12OSN mailing list
K12OSN at redhat.com
For more info see <http://www.k12os.org>

More information about the K12OSN mailing list