[K12OSN] How to block myspace.com
Dan Young
dyoung at mesd.k12.or.us
Thu May 25 18:02:12 UTC 2006
Mike Ely wrote:
> Dan Young wrote:
>> Sure, or go to one of a thousand different web proxies.
>>
>
> You can catch the vast majority of those with a scant few regexes tested
> against the URL:
>
> (nph-proxy.[cgi|pl])
> (nph-proxya.[cgi|pl])
> (nph-proxyb.[cgi|pl])
> (nph-surf.[cgi|pl])
> (nph-one.[cgi|pl])
> (nph-teste.[cgi|pl])
>
> That'll work until the kids figure out to rename the path to their
> proxy. Then you'll have to use deeper inspection.
Yeah, grep is your friend.
What I was getting at is that there may be a point of diminishing
returns, where an "arms race" will push the kids who _will_ get to where
they want to go further underground. Then you lose your auditing
capability. Just as an example, have you seen this?
http://torpark.nfshost.com/
I noted earlier that I've also seen several lately with obscured URLs,
i.e. base64 encoding or ROT13. I ran across one today that seemed to use
a substitution cipher, with the key embedded as part of the URL. Whee fun!
--
Dan Young <dyoung at mesd.k12.or.us>
Multnomah ESD - Technology Services
503-257-1562
More information about the K12OSN
mailing list