Linux Forums - Linux Help,Advice & support community:LinuxSolved.com

Network Troublshooting => Linux Proxy Server Support => Topic started by: Louis on September 11, 2009, 07:48:26 AM

Title: Restrict any bypasspxory software on squid proxy?
Post by: Louis on September 11, 2009, 07:48:26 AM

Hi...

Any idea, how users on squid proxy can be restricted  to use any bypass proxy softwares or links?

Title: Re: Restrict any bypasspxory software on squid proxy?
Post by: kaushalpatel1982 on September 23, 2009, 01:46:53 PM

The software that by pass proxy mostly use the tunneling between the client and some server on remote. Their request always serve by that remote server.

It is not possible to stop it by squid proxy it self. You have two option

1. Use IPTables. Block all none standard ports other then required using iptables. let say my requirement is SMTP, POP3, and PROXY, Then I will allow 25, 110 and 3128 port only from inside to outside.

2. Use SNORT. Snort is IDP software that detect such softwares and aleart you. This will help you to find out such user and inform them that they are  monitored strictly.

Title: Re: Restrict any bypasspxory software on squid proxy?
Post by: Avin on September 24, 2009, 12:56:07 PM

Hi,

 Download the block list from following URL . It has around 50,000 proxies. Which you can block easily. It has many other virus infected, malware sites.

http://urlblacklist.com/?sec=download (http://urlblacklist.com/?sec=download)

Kaushal is right. If possible to you allow only required and well known ports.

Avin..