On 5/10/2010 9:44 PM, John Dakos wrote:
Kromonos thank you for your message. But I know this way with dstdom..... but the problem is... on web has a hundreds bypass proxy sites... this is no way for administrators. I spend a lot of time to search on google for bypass domains. Another idea ?
A method I used quite effectively at the school I work for (before the education department got their act together) was this: * Block HTTPS to IP addresses - very very few legitimate reasons for this to be happening.
* Block common path names for CGI proxies - I found blocking URLs with "cgi" and "nph" in them to be fairly effective. Only had one case of a legitimate site being blocked here.
* Compile a list of free subdomain based dynamic DNS services - configure a separate log file for requests that hit these, and monitor them. I was randomly checking a few entries when I had a spare few minutes.
* Subscribe to proxy bypass mailing lists such as PeaceFire (subscribe to a few). I found it useful to monitor these for a day or 2 after getting them so I could find out who was getting the info, and from where.
Tim B
