nathan.harris@xxxxxxxxxxxx wrote:
Hi there,
Here's an interesting one for you guys, I work P/T at a Local Authority
ISP service based upon open source code.
The kids Have recently realised that is you take
www.playboy.com
convert it to it's IP 216.163.137.3
covert it to Binary
11011000 10100011 10001001 00000011
then back into base 10 decimal
3634596099 now you enter this into your browser http://3634596099
at first I was unsure if this was an april fools
but sure enough it works and bypasses the filtering completly. Not many
sites work but I did find one or two more.
Both url blocking in squidguard & IP filtering does not effect base 10
Has anyone any idea how we can get squid to ignore Base 10 & Hex web
requests? kids will be bypassing filtering platforms up and down the UK
(or more probably have been for some time)
credit to them, clever little blighters
Well, you could make your dstdomain ACL which is based solely on the
textual domain given. (You are using dstdomain I hope and not regex)
And turning it into 'dst', which performs an IP lookup and compares
that. It is very effective against static sites like playboy, but much
less useful against frequently moving sites like anonymous proxies.
The alternative but time-expensive approach is to add a regex that
validates .com.net etc exists in the domain:
acl isDomain dst_regex -i "\.[a-z]{2,}$"
http_access deny !isDomain
This needs to be carefully placed after the blocking ACL and before the
first major allow (students likely to use this, teachers not so much).
Amos
