[K12OSN] How to block myspace.com

Mike Ely mely at rogueriver.k12.or.us
Thu May 25 18:10:45 UTC 2006

Dan Young wrote:
> Mike Ely wrote:
>> Dan Young wrote:
>>> Sure, or go to one of a thousand different web proxies.
>> You can catch the vast majority of those with a scant few regexes tested
>> against the URL:
>> (nph-proxy.[cgi|pl])
>> (nph-proxya.[cgi|pl])
>> (nph-proxyb.[cgi|pl])
>> (nph-surf.[cgi|pl])
>> (nph-one.[cgi|pl])
>> (nph-teste.[cgi|pl])
>> That'll work until the kids figure out to rename the path to their
>> proxy.  Then you'll have to use deeper inspection.
> Yeah, grep is your friend.
> What I was getting at is that there may be a point of diminishing
> returns, where an "arms race" will push the kids who _will_ get to where
> they want to go further underground. Then you lose your auditing
> capability. Just as an example, have you seen this?
> http://torpark.nfshost.com/
> I noted earlier that I've also seen several lately with obscured URLs,
> i.e. base64 encoding or ROT13. I ran across one today that seemed to use
> a substitution cipher, with the key embedded as part of the URL. Whee fun!

Absolutely.  The technology to obfuscate will always win over our 
blocking given a determined attacker.  Supervision is key...

More information about the K12OSN mailing list