Search squid archive

Re: Issues with Base 10 Decimal Bypassing Squidguard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



nathan.harris@xxxxxxxxxxxx wrote:
Hi there,

Here's an interesting one for you guys, I work P/T at a Local Authority
ISP service based upon open source code.

The kids Have recently realised that is you take

www.playboy.com

convert it to it's IP 216.163.137.3

covert it to Binary

11011000 10100011 10001001 00000011

then back into base 10 decimal

3634596099 now you enter this into your browser http://3634596099

at first I was unsure if this was an april fools

but sure enough it works and bypasses the filtering completly. Not many
sites work but I did find one or two more.

Both url blocking in squidguard & IP filtering does not effect base 10

Has anyone any idea how we can get squid to ignore Base 10 & Hex web
requests? kids will be bypassing filtering platforms up and down the UK
(or more probably have been for some time)

credit to them, clever little blighters


Well, you could make your dstdomain ACL which is based solely on the textual domain given. (You are using dstdomain I hope and not regex)

And turning it into 'dst', which performs an IP lookup and compares that. It is very effective against static sites like playboy, but much less useful against frequently moving sites like anonymous proxies.


The alternative but time-expensive approach is to add a regex that validates .com.net etc exists in the domain:

 acl isDomain dst_regex -i "\.[a-z]{2,}$"
 http_access deny !isDomain

This needs to be carefully placed after the blocking ACL and before the first major allow (students likely to use this, teachers not so much).


Amos

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux