Search squid archive

Re: Bypassed Proxy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thank you all for the suggestions.

I will try to read up on iptables and add the necessary rules, as well as try to add norhtghost IPs to the blacklist.

On another note, I noticed Tor Browser bypasses squid completely. The only search results I found on how to block it with squid date back to 2011. (Amos has a script for that?)
Any idea how to block Tor? I downloaded it and ran it and none of its traffic is detected by Squid.





> On Dec 23, 2016, at 4:31 AM, Eliezer Croitoru <eliezer@xxxxxxxxxxxx> wrote:
> 
> My suggestion would be to find the holes in the system.
> There are couple good networking tools ie:
> Iptstate
> Iptraf-ng
> netstat-nat
> conntrackd-tools
> 
> The above tools have the options to see what parts of the IP is not ports such as:
> 53
> 80
> 443
> 
> Which you can control easily.
> You can easily add a DROP or REJECT rule in iptables for all new connections on other then these ports as a starter.
> It's very simple to write and I think you should dig a bit on iptables so you would be able to understand how it works better to give you a glimpse into the networking security world.
> This amazing site and page:
> http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch14_:_Linux_Firewalls_Using_iptables
> 
> Gives a better understanding to iptables and also on networking.
> If you need more guidance let me know.
> 
> Eliezer 
> 
> ----
> Eliezer Croitoru
> Linux System Administrator
> Mobile: +972-5-28704261
> Email: eliezer@xxxxxxxxxxxx
> 
> 
> -----Original Message-----
> From: squid-users [mailto:squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Sameh Onaissi
> Sent: Friday, December 23, 2016 2:03 AM
> To: Antony Stone <Antony.Stone@xxxxxxxxxxxxxxxxxxxx>
> Cc: squid-users@xxxxxxxxxxxxxxxxxxxxx
> Subject: Re:  Bypassed Proxy
> 
> I have been trying to replicate what he is doing.
> 
> I have tried 4 or 5 VPN software and none connects, including Hotspot Shield. My iptables seem to be doing the job in that regard (Eliezer helped me set them up)
> 
> 
> 
>> On Dec 22, 2016, at 5:14 PM, Antony Stone <Antony.Stone@xxxxxxxxxxxxxxxxxxxx> wrote:
>> 
>> On Thursday 22 December 2016 at 22:50:33, Sameh Onaissi wrote:
>> 
>>> The user has hotspot shield installed on his PC, which I believe is a 
>>> similar extension to the one you mentioned.
>> 
>>> He is getting by squid with some sort of VPN, I thought squid can be 
>>> configured against such things?
>> 
>> It sounds as though you need to review your firewall (routing) policies.
>> 
>> Anyone who is allowed to use a VPN can effectively bypass all security 
>> policies on your network.
>> 
>> 
>> Antony.
>> 
>> --
>> Schrödinger's rule of data integrity: the condition of any backup is 
>> unknown until a restore is attempted.
>> 
>>                                                  Please reply to the list;
>>                                                        please *don't* CC me.
>> _______________________________________________
>> squid-users mailing list
>> squid-users@xxxxxxxxxxxxxxxxxxxxx
>> http://lists.squid-cache.org/listinfo/squid-users
> 
> _______________________________________________
> squid-users mailing list
> squid-users@xxxxxxxxxxxxxxxxxxxxx
> http://lists.squid-cache.org/listinfo/squid-users
> 

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux