>> SSCR Internet Admin wrote: >> >I would like to ask if anyone from squid mailing list has stumble upon >> >ultrasurf that can bypass any filtering products such as squidguard. I >> >have setup a test pc with ip being blocked on squidguard. But to my >> >surprise it bypass everything ive setup and with ultrasurf running on >> my >> >test pc, IE internet setting has been changed to use 127.0.0.1 using >> port >> >9666. > > On 22.01.08 17:27, Amos Jeffries wrote: >> Never heard of them. But going by the documentation they are >> HTTPS-tunneling all traffic from the localhost outbound. >> >> You and most would naturally allow HTTPS CONNECT requests through >> without filters for all the banking and secure sites that need it. > > wouldn't disabling CONNECT any port except 443 be enough? Probably not, it looks to have a standard SSL CONNECT on port 443 to a home server somewhere included in the methods. There is more than one protocol of connection involved. This is using what I think of as mid-range P2P control evasion. The code has hooks for several types of link. how they map I haven't looked. Amos
