Trond Mæhlum wrote:
We are filtering unwanted webpages with SquidGuard. We set the transparent proxy script, using iptables, to redirect all port 80 surfing to squid. We have been very happy with our solution. But now it has come to our attention that our efforts to block unwanted webpages are easily bypassed. The students use web-proxies instead. They use pages like proxypop.com to jump directly to the banned pages. We are blocking these sites as we discover them, but there's just too many of them... Our installation of SquidGuard is installed on a Debian Sarge machine. It doesn't auto-update it's databases in any way as far as I know. Is there some way of updating SquidGuards database of blocked urls and domains?
This is a fun one! The quick answer: I've recently added a proxy category to the blacklists that I make available. Feel free to update from me if you wish... rsync -Pav filter.mesd.k12.or.us::filtering/ /path/to/your/blacklists/ The K12LTSP update script (/usr/sbin/update_squidguard_blacklist) should be easily adapted to your Debian setup. The near-future answer: The alpha release of the next major Dans Guardian release (dansguardian.org) has some interesting features that are useful in dealing with the "proxy issue". The "reality" answer: Filtering technology will always be easily bypassed, it doesn't matter what technology you use. Well, maybe not "easily", but if the kids have an incentive to get around filters they will ALWAYS be able to do so. Supervision is the only truly effective method... -Eric
Description: OpenPGP digital signature