Munawar Zeeshan wrote:
Hi.
I am using Squid Guard to block unwantws sites. But my users now using
anonymous proxies to by pass my squid guard restriction.
You have a serious problem then. The best solution will come from
considering *why* they are wanting those sites. And finding ways to make
the users not want them anymore. This may need to be an education thing
rather than or in addition to blocking.
There are a lot of anonymous proxy websites.i have manually blocked
some of them but mu users search out more others every day.
I am unable to find any black list of anonymous proxies from internet.
Can anybody help ???
I use a few techniques combined to reduce this, there is some slipway
still though.
1) Block outbound port 80 to users, use .PAC or transparency to get them
going through your squid. (Some other ports may also need to be blocked
as you find them).
2) Block CONNECT access to anything except SSL in squid.
3) Blocking any redirectors. (website that accepts http://.* in path part).
4) Block replies (http_reply_access) which include a forwarded-For
header or sometimes there are other headers specific to the remote proxies.
5) ERR pages that are clear the visited site is a high-risk are of the
internet, with some info on why.
If all else fails you should have contracts with the ultimate options of
dismissal (for employees) or account termination (for abusive clients).
Amos
