- Vote on answer
- posted
18 years ago
How credible!
SCNR, VB.
One of the blocks in place is of proxying sites and proxying behaviour. It's not bulletproof and would require maintenance and updates, as do all things. Attempting to access a proxied site sets off a warning, which should be followed up with a "please explain".
All that's really needed is a pill to cure the "we don;t need to monitor anything we've got a firewall" attitude and the world would be a huge hugfest. ;->
Cheers, E.
Does it catch Google Cache and alikes? What about Doubleclick Ads?
It will always be behind, most likely permanently.
"Don't know. There are a lot of advertisement things linked to most websites that do behave so."
And most likely he would be innocent and right about this.
And you're suggest that automated processing of monitoring would be a reasonable measure, especially for content filtering. Go figure!
On 13 Mar 2006 08:43:50 -0800, "Jazz" put finger to keyboard and composed:
Volker Birk made it into my kill file within a day.
- Franc Zabkar
We do the same thing with companies, not with EDU's (yet) and have done it via several means - first rule, block ALL internet access, no open access at all (at least for the kids). If you want an adult to have additional access, then setup a means for the adult to be under a different set of rules (we authenticate with the firewall and then permit the group the users is defined in to have X access for HTTP, other groups have Y access....).
Now, for the "public" (default internet access), you can employ a white list and a request feature - where certain domains are approved at your own default choices, where sites that are blocked redirect the user to a request form that is submitted to your firewall admin for approval (or rejection).
If you implement the above, they won't be able to get to rogue proxy sites as they won't be in your approved list by default.
Which is no qualification. Some people think it's actually a honor to be ignored by the hopelessly clueless.
So far it seems like many people do believe the content filtering as least sufficiently works. Which is even a contradiction to what common sense does tell, yet still ignoring the technical details that make it even less effective.
And I'm still wondering why marketing promises are threaten as arguments.
I haven't yet seen anything particularly clueful from you. Who are you? May you be ignored right away?
cu
59cobalt
After having a quick glance at your previous posts in this group I can understand why.
*plonk*cu
59cobalt
Interestingly, my problem is the opposite of you.
I have been trying for last three days and couldn't get any proxy server to work on my box.
I have xpsp2, Firefox1.5.
I have installed ProxyWay, then Multiproxy, then ProxySwitcher.
But, I could not either set my proxy, meaning that the surfing stopped in firefox, or if surfing continued,
could someone like to teach me what I am doing wrongly?
In this exervice could be the solution to Jazz's concern. Find out why I am not able to set proxy, simulate those conditions in your school, and your kids will not be able to set a proxy.
Is it possible to take help of your IP? I have read somewhere that if IP provides a direct router instead of a modem, and doesn't allow the router's setings to be modified at users' end, then they would not be able to modify the port thru which net traffic occurs. Then, proxy is not set. Is there something in it?
few thousand anonymous proxy sites.
Volker... I seldom post to newsgroups anymore. My system is up and running well. Back when I did make a lot of posts, It was for one of two possible reasons.
Volker, WHY DON'T YOU ASK YOURSELF THESE QUESTIONS BEFORE YOU HIT SEND?
Am Mon, 13 Mar 2006 21:44:34 +0000 schrieb Casey:
Sometimes repair technology is insufficient, no matter whether you like that or not. That is the other answer (besides 42) Douglas N. Adams gave. Read:
What operating system is on the student pc's? Can you use a Group Policy (Windows 2000 and XP) to set your internal proxy and disable students changing it? If so, then put a rule in your firewall that only allows the proxy to use http. Depending on what type of proxy you're using, you should be able to filter there, rather than just at the firewall.
Wayne McGlinn Brisbane, Oz
Volker, seriously, that's not exactly responsible advice. Are you even minutely aware of the problems with myspace.com? This isn't a free speech issue. Can you say pedophilia?
He can't offer a solution because he doesn't understand security. He feels that everyone is entitled to free and open access to the Internet at all times, even from work.
I think that the point he was trying to get across was that the kids should be supervised by humans rather than machines. His reply of "forget it" in that context would mean "forget about trying to stay ahead of their proxy tricks, and have someone to actually watch the students rather than leaving them with a PC for a babysitter".
Except that it's easy to stay ahead of the kids - just like any other threat.
Install an internal proxy. Configure the firewall to enforce use of the internal proxy exclusively.
You may loose your life to proxy maintenance, but you will regain control.
Triffid
On Mon, 13 Mar 2006 21:51:48 +0100, Sebastian Gottschalk put finger to keyboard and composed:
VB's posts are so predictable and repetitive that they could easily be generated by a bot.
The fact that a particular security measure is not effective against a concerted attack is no reason not to have any countermeasure at all. Thankfully our authorities have seen fit not to abandon all seaport and airport surveillance, however imperfect such defences may be.
- Franc Zabkar
I'm sorry, but that's not the take away I got. That came out in later posts, probably after he had a chance to think about his initial response. Clearly, supervision is important, but you could make the same argument that companies should forget spending money on IT security and just watch all of their employees like babysitters.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.