1. Home
  2. Networking Firewalls
  3. Kids bypassing firewall via web proxy sites

Kids bypassing firewall via web proxy sites

I work for a K - 12 school.

In my opinion, we have some very fair rules and regulations regaurding internet and computer use.

We use a Sonicwall firewall, 3060, I subscribe to content fltering, which I love. It keeps out all the horrible junk that kids may accidently come across (Or purposely) and it covers our rear.

Due to recent events, and some within the school, I have been ordered to block myspace.com.

I have several other sites faculty and staff have asked me to block within the content filtering section of my sonicwall admin page.

However, some students got smart, and searched google for proxy and anonymous. Thousands of results come up, allowing them to type in any website they like (including myspace) and surf around on it, bypassing my firewall.

There is an option in sonicwall that says "Restrict Web Features::" and I checked "Access to HTTP Proxy Servers" But I am still able to get to sites via these proxy sites that shoulf be blocked...

Any advice?

Thanks in advance!

Jerry

Reply to
Jazz
Loading thread data ...

Yes. Forget it.

Yours, VB.

Reply to
Volker Birk

Ya your just so helpful let the kids surf to the p*rn and warez sites. Man I'd love to look at the state your users computers and network are in.

Reply to
Jason

No. When I'm responsible for kids, I will not. I will oversee, what they're doing. This is not the job of a machine, and it cannot be done by a machine.

You would be surprised, I bet.

Yours, VB.

Reply to
Volker Birk

You cannot stop them from doing so with technical measures.

So get supervisor and/or educate them why they should not do so. In companion with strict non-technical rules prohibiting it, you may actually achieve something real.

Reply to
Sebastian Gottschalk

Awesome answers, you must have been the first to be picked for sports in school.

Reply to
Jazz

So far, i am surprised you claim to be so knowledgeable, yet offer no advice other than the same advice I could have gathered from a brick wall.

Reply to
Jazz

so... you are suggesting i look over the shoulders of 1200 kids and 300 computer? Thats call sneaker-net dude, and it went out with windows

3.1....

thanks for your advice.

Reply to
Jazz

so tell kids why they should not look at p*rn or download warez or click pop ups...

dunno how much you know about teenagers, but in so doing, I will unleash a monster... they will ALL do it and figure out how.

Reply to
Jazz

If you follow your suggestions that you post here I suspect I wouldn't be surprised by the mess at all. Oh well to each thier own, and as long as folks posting here recognize your posts for what they are no harm no foul.

Reply to
Jason

When did I do this?

If your brick walls are telling you that child education is a very important thing and cannot be done by a dumb machine, then Sirius Cybernetics Corporation improved considerably.

Yours, VB.

Reply to
Volker Birk

No. I'm suggesting, that custodians have a look on what these kids are doing.

You're welcome!

Yours, VB.

Reply to
Volker Birk

Do know know, what I'm doing occupationally?

Yours, VB.

Reply to
Volker Birk

Click pop ups? Please, *PLEAZE* don't tell us, that you're really using Internet Exploder for the Kids? You don't suffer from such dementia, do you?

Yes. They will ALL figure out how, it does not matter what you're trying to filter away. One will find out how to fool your filtering system, and immediately ALL of them will know how to.

This is what I'm trying to tell you.

Yours, VB.

Reply to
Volker Birk

formatting link

Reply to
galt_57

Does your filtering service have a checkbox to allow/deny unrated websites? That's probably what's letting those proxies through.

If you do that, you will block access to a fair number of legitimate unrated sites also. Talk to Sonicwall to see how to submit such sites for rating.

-Russ.

Reply to
Somebody.

This results in a page with:

--------------------------------- snip --------------------------------------

SonicWALL Content-Filter Service

SonicWall CFS URL Rating Review Request Error occurred, please retry

--------------------------------- snap --------------------------------------

Yours, VB.

Reply to
Volker Birk

A complete whitelist. OMN!

A fair number? Millions of sites are a fair number? Hiding the complete Web with the exception of the "ratet sites" means blocking a "fair number"?

With pleasure I'm remembering the time, when Smartfilter offered a user form for customers' input of sites to categorize:

------------------------------- snip ----------------------------------- #!/bin/bash

name=$1 keyword=$2

for domain in `whois $name |grep @ |awk 'BEGIN{FS="@"}{print$2}'| awk '{print$1}'` ; do {

cat

Reply to
Volker Birk

Dunno about sonicwall but been there, done that. Using IPCop with mods system and dansguardian I have prevented exactly this sort of thing.

I just found out yesterday that the staff of one youth centre have been logging the kids in as administrator and letting them have a free for all installing games they brought in. Settings mucked with on the PC's but they still haven't been able to get p*rn or malware on the PC's from the web.

Of course, if the staff continue to log them in as admin instead of the restricted profile it's only a matter of time before some serious damage is done.

I'm curious as to why kids are *allowed* to change proxy settings in the first place. Remove computer priviliges for anyone caught.

Look at a more robust filtering system for the student network such as the IPCop one mentioned, or one of the commercial variants. Cheers, E.

Reply to
E.

Dude, you can always bypass proxy settings. Just enter

formatting link
in the address bar and there you go!

Reply to
Sebastian Gottschalk

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.