Luis Daniel Lucio Quiroz yazm?s,:
Hi Squids
We found that if we block by MIME type HT-* MIMEs headers we can block
HTTPProxy tunnel (the one that use html tags).
We have found httport (for windows) but still dont know how to block. Has
anyone blocked it by other technique than ip blocking?
Regards,
LD
Yes . Normally every https site we connect must have a real domain not
(ip address) if we want to believe it is secure site. If a client tries
to connect an ip over ssl i guess that it's an unsecure site , if it has
a domain i guess that it's secure. Most of the https tunnels use
https/ip for tunnelling so if we drop ips only over https we can drop
https tunnels. I use this method. Here is the squid config ;
acl CONNECT method CONNECT acl ultra_block url_regex
^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+ http_access deny CONNECT ultra_block all
Sorry for my english :)
Regards,
ismail
