On Wed, 9 Mar 2011 12:12:53 -0800, Luis Veana wrote:
Hi
Can SQUID 2.7 block HTTPS uncategorized traffic in any way?
Define "uncategorized" and there is the answer.
Failing to define it clearly is an automatic "no".
I'm trying to block ULTRASURF usage in my callcenter.
These guys are freely browsing now, since one of them brought this file
to my network.
This software is exceptional by the way, there is no installation
required, it requires NO admin privileges.
And it auto-configures the system to become a proxy using the
127.0.0.1:9666 address pushing the traffic through an SSL 443
connection.
At least this is what I could see until now.
Any suggestions?
I think you will find it uses various methods including random
connection ports to ensure it "always" works.
In a callcenter you have known software with known ports etc which are
needed. Firewalls can be set to restrict or block other access.
For the stuff relayed through Squid-2 you need a whitelist of
destinations which are acceptable or a pattern of destinations which are
not. It comes down to defining uncategorized and discovering how
ULTRASURF passes requests through Squid. It's been a while since I faced
it, IIRC it operated like TOR.
On the non-technical side, network blocks do not work without company
policy and support. You have contracts outlining (in)appropriate
behaviour in the workplace which covers network usage, right? If not
*you* are in the wrong for blocking them against their contract
agreement, that needs fixing. If you do, enforce it, firings are in
order.
The (somewhat unusual) path I follow with my sub-contractors is to
charge for non-work related network usage of business resources. Just
like any other ISP at slightly less than our market rates, deducting
time wasted from paid hours on top of the charge. They find it fair and
completely under their own control whether they get paid or not.
Amos
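
The following is an added example, not part of the original thread and not Squid project code. It shows one way to work out what "uncategorized" means on a given network: read Squid's native-format access.log, keep only CONNECT requests, and report per client the destinations that are raw IP addresses or are missing from a whitelist. The whitelist domains, client addresses and log lines are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed whitelist: HTTPS destinations the call center actually needs.
ALLOWED_SUFFIXES = ("crm.example.com", "payments.example.net")

# Constructed access.log lines in Squid's native log format:
# time elapsed client code/status bytes method URL ident hierarchy/peer type
SAMPLE_LOG = """\
1299701573.101    512 192.168.1.20 TCP_MISS/200 4312 CONNECT crm.example.com:443 - DIRECT/203.0.113.10 -
1299701574.220    230 192.168.1.20 TCP_MISS/200 1822 GET http://intranet.example.com/ - DIRECT/203.0.113.11 text/html
1299701580.007  60211 192.168.1.35 TCP_MISS/200 90311 CONNECT 198.51.100.77:443 - DIRECT/198.51.100.77 -
1299701581.450  58120 192.168.1.35 TCP_MISS/200 75002 CONNECT 198.51.100.91:443 - DIRECT/198.51.100.91 -
1299701590.300    410 192.168.1.35 TCP_MISS/200 2100 CONNECT cdn.unknown.example.org:443 - DIRECT/192.0.2.5 -
"""

def is_ip_literal(host):
    """True when the CONNECT target is an address rather than a hostname."""
    try:
        ipaddress.ip_address(host.strip("[]"))  # brackets wrap IPv6 literals
        return True
    except ValueError:
        return False

def is_allowed(host):
    """True when host equals a whitelisted domain or is a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in ALLOWED_SUFFIXES)

def uncategorized_connects(log_text):
    """Map each client to its CONNECT targets that fall outside the whitelist."""
    report = defaultdict(lambda: {"ip_literal": [], "unlisted": []})
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 7 or fields[5] != "CONNECT":
            continue  # only tunnelled (HTTPS) requests are of interest here
        client, target = fields[2], fields[6]
        host = target.rpartition(":")[0]  # CONNECT URLs are host:port
        if is_ip_literal(host):
            report[client]["ip_literal"].append(target)
        elif not is_allowed(host):
            report[client]["unlisted"].append(target)
    return dict(report)

if __name__ == "__main__":
    for client, hits in uncategorized_connects(SAMPLE_LOG).items():
        print(client, hits)
```

The destinations that remain after review become the whitelist (or the deny pattern) that the Squid ACLs are then written against.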