At 19:23 21-01-2008, SSCR Internet Admin wrote:
>I would like to ask if anyone from squid mailing list has stumble upon
>ultrasurf that can bypass any filtering products such as squidguard. I have
>setup a test pc with ip being blocked on squidguard. But to my surprise it
>bypass everything ive setup and with ultrasurf running on my test pc, IE
>internet setting has been changed to use 127.0.0.1 using port 9666.
Teh ultrasurf proxy listening on 127.0.0.1 may be redirecting traffic
to an external proxy. That would not go through Squid if you are
only redirecting outgoing TCP traffic on port 80.
>I know that this is a kernel level issue and I havent successfully blocked
>9666 via iptables, maybe someone could try it out and maybe come up with a
>solution, before young students could have this program since you don't need
>to install this on a PC, just run u.exe and youre done bypassing.
The external proxy may not be listening on port 9666. As such, that
iptables rule won't block access. The better solution is to prevent
users from changing the Internet settings and by not allowing all
outgoing connections to prevent the proxy from being bypassed.
Regards,
-sm
Received on Mon Jan 21 2008 - 22:38:19 MST
This archive was generated by hypermail pre-2.1.9 : Fri Feb 01 2008 - 12:00:05 MST