[K12OSN] web filtering with SquidGuard
Eric Harrison
eharrison at mail.mesd.k12.or.us
Mon Feb 6 21:06:17 UTC 2006
Trond Mæhlum wrote:
> We are filtering unwanted webpages with SquidGuard. We set the
> transparent proxy script, using iptables, to redirect all port 80
> surfing to squid. We have been very happy with our solution. But now it
> has come to our attention that our efforts to block unwanted webpages
> are easily bypassed. The students use web-proxies instead. They use
> pages like proxypop.com to jump directly to the banned pages.
>
> We are blocking these sites as we discover them, but there's just too
> many of them... Our installation of SquidGuard is installed on a Debian
> Sarge machine. It doesn't auto-update it's databases in any way as far
> as I know. Is there some way of updating SquidGuards database of blocked
> urls and domains?
>
This is a fun one!
The quick answer:
I've recently added a proxy category to the blacklists that I make
available. Feel free to update from me if you wish...
rsync -Pav filter.mesd.k12.or.us::filtering/ /path/to/your/blacklists/
The K12LTSP update script (/usr/sbin/update_squidguard_blacklist) should
be easily adapted to your Debian setup.
The near-future answer:
The alpha release of the next major Dans Guardian release
(dansguardian.org) has some interesting features that are useful in
dealing with the "proxy issue".
The "reality" answer:
Filtering technology will always be easily bypassed, it doesn't matter
what technology you use. Well, maybe not "easily", but if the kids have
an incentive to get around filters they will ALWAYS be able to do so.
Supervision is the only truly effective method...
-Eric
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 251 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/k12osn/attachments/20060206/85e57706/attachment.sig>
More information about the K12OSN
mailing list