Re: [squid-users] Block all Web Proxies with squid.
HI, Well, it is a little boring, but, we always can enter the site, save source page code, process it an use it with Squid, but, again, how about ethics? Good question. Their terms of use explicitly says You may not utilize any automatic or manual process to harvest information from the Site. but the legal status of this varies depending on in which country you are. It is an interesting point too. I feel that if they organized the list and published their conditions, is important to respect the terms. I think it is a philosophical, ethical an legal issue. I decided to do not use their list, for awhile. Really thank you for your opinion.( Beware: my english is not good enough. :-D ) In a while, I am looking at the Dwayne Hottinger suggestion ( sorry I lost original e-mail ) There is some people doing work on blacklists at bleeding-edge. Thanks Dwayne. I have already got this list: http://doc.bleedingthreats.net/bin/view/Main/AllProjects#BlackHoleDNS_for_Spyware. I don't know if there are so many proxie's sites in this list as are in the proxy.org, but it has (bleedingthreats) more than 16.000 spyware domains. Really thank your for your attention. Regards, Freitas
Re: [squid-users] Block all Web Proxies with squid.
Quoting Tim Bates [EMAIL PROTECTED]: [EMAIL PROTECTED] wrote: Im sort of curious how you route your traffic? Im using iptables and reroute all port 80 traffic to my proxy on port 8080. Port 443 traffic goes straight to website, because you cant cache encrypted traffic. Or am I totally wrong about this? You can't cache it, but you can apply rules to it, thus restricting it's use for avoiding your proxy rules. I'm fairly sure that you can't do a transparent redirection though. Open to correct, but I think redirection breaks HTTPS. TB ** This message is intended for the addressee named and may contain privileged information or confidential information or both. If you are not the intended recipient please delete it and notify the sender. ** That is what I was thinking. I am running a transparent proxy. -- Dwayne Hottinger Network Administrator Harrisonburg City Public Schools
Re: [squid-users] Block all Web Proxies with squid.
Quoting [EMAIL PROTECTED] [EMAIL PROTECTED]: Hi, Well if u want to block proxy you can get the list from www.proxy.org. But this list is paid.is there any free list or can someone send a an attached text file of the list.Even i face the same Issue.May be we can make it work with SquidGaurd. I visited the site. English is not my native language, so, I can missed something, but I didn't understand the list is paid for final users searching proxy access. I tried to get http://proxy.org/cgi_proxies.shtml using wget and I got a 403 error, so, I tried -UMozilla. and it worked. I don't know if they will, anytime, block accesses coming from the same IP and doing nothing but loading main page. I did some egrep and awk in the file ( gotten by wget ) and I got a list of domains ( more than 4000 ), ready to use in a dstdom Squid ACL. I think it can be considered as a misuse of their service, because they use banners in the sites. So, I think it must be discussed to analyse the ethics. ( Maybe I am paranoid :-) ). Surfing in the site, I found a list or TOR servers, in text format ( wget needs -U ), to use in a .htaccess file. Again, some egrep and awk generated a list ready to use in a dst Squid ACL. Well, it is a little boring, but, we always can enter the site, save source page code, process it an use it with Squid, but, again, how about ethics? I am really interested about blocking anonymous proxies, but I have already seen that it is a hard job. :-( Thank you for your attention. Regards, Freitas There is some people doing work on blacklists at bleeding-edge. They wright sig files for snort. You might check out their site. Ive used their blacklists before. They stay pretty up-to-date. Or were. -- Dwayne Hottinger Network Administrator Harrisonburg City Public Schools
Re: [squid-users] Block all Web Proxies with squid.
On ons, 2007-09-05 at 11:15 +1000, Tim Bates wrote: I'm fairly sure that you can't do a transparent redirection though. Open to correct, but I think redirection breaks HTTPS. Technically it's possible to implement, but it would not add very much as only the destination IP address will be available to the proxy, not the requested hostname... so you can just as well filter https at the router level.. Regards Henrik signature.asc Description: This is a digitally signed message part
Re: [squid-users] Block all Web Proxies with squid.
On tis, 2007-09-04 at 22:15 -0300, [EMAIL PROTECTED] wrote: Well, it is a little boring, but, we always can enter the site, save source page code, process it an use it with Squid, but, again, how about ethics? Good question. Their terms of use explicitly says You may not utilize any automatic or manual process to harvest information from the Site. but the legal status of this varies depending on in which country you are. Regards Henrik signature.asc Description: This is a digitally signed message part
Re: [squid-users] Block all Web Proxies with squid.
Well if u want to block proxy you can get the list from www.proxy.org. they have the updated list of all running proxies.. y must u allow https not to go through squid ? in my environment all internet access must go through squid.
Re: [squid-users] Block all Web Proxies with squid.
On 9/5/07, Norman Noah [EMAIL PROTECTED] wrote: Well if u want to block proxy you can get the list from www.proxy.org. But this list is paid.is there any free list or can someone send a an attached text file of the list.Even i face the same Issue.May be we can make it work with SquidGaurd. they have the updated list of all running proxies.. y must u allow https not to go through squid ? in my environment all internet access must go through squid.
Re: [squid-users] Block all Web Proxies with squid.
On Wed, Sep 05, 2007, Preetish wrote: On 9/5/07, Norman Noah [EMAIL PROTECTED] wrote: Well if u want to block proxy you can get the list from www.proxy.org. But this list is paid.is there any free list or can someone send a an attached text file of the list.Even i face the same Issue.May be we can make it work with SquidGaurd. Who's going to keep it updated? Adrian
Re: [squid-users] Block all Web Proxies with squid.
Quoting Preetish [EMAIL PROTECTED]: On 9/5/07, Norman Noah [EMAIL PROTECTED] wrote: Well if u want to block proxy you can get the list from www.proxy.org. But this list is paid.is there any free list or can someone send a an attached text file of the list.Even i face the same Issue.May be we can make it work with SquidGaurd. they have the updated list of all running proxies.. y must u allow https not to go through squid ? in my environment all internet access must go through squid. Im sort of curious how you route your traffic? Im using iptables and reroute all port 80 traffic to my proxy on port 8080. Port 443 traffic goes straight to website, because you cant cache encrypted traffic. Or am I totally wrong about this? -- Dwayne Hottinger Network Administrator Harrisonburg City Public Schools
Re: [squid-users] Block all Web Proxies with squid.
[EMAIL PROTECTED] wrote: Quoting Preetish [EMAIL PROTECTED]: On 9/5/07, Norman Noah [EMAIL PROTECTED] wrote: Well if u want to block proxy you can get the list from www.proxy.org. But this list is paid.is there any free list or can someone send a an attached text file of the list.Even i face the same Issue.May be we can make it work with SquidGaurd. they have the updated list of all running proxies.. y must u allow https not to go through squid ? in my environment all internet access must go through squid. Im sort of curious how you route your traffic? Im using iptables and reroute all port 80 traffic to my proxy on port 8080. Port 443 traffic goes straight to website, because you cant cache encrypted traffic. Or am I totally wrong about this? But you can filter based on the domain name. there are plenty of https proxies out there... --Dwayne Hottinger Network Administrator Harrisonburg City Public Schools
Re: [squid-users] Block all Web Proxies with squid.
Hi, Well if u want to block proxy you can get the list from www.proxy.org. But this list is paid.is there any free list or can someone send a an attached text file of the list.Even i face the same Issue.May be we can make it work with SquidGaurd. I visited the site. English is not my native language, so, I can missed something, but I didn't understand the list is paid for final users searching proxy access. I tried to get http://proxy.org/cgi_proxies.shtml using wget and I got a 403 error, so, I tried -UMozilla. and it worked. I don't know if they will, anytime, block accesses coming from the same IP and doing nothing but loading main page. I did some egrep and awk in the file ( gotten by wget ) and I got a list of domains ( more than 4000 ), ready to use in a dstdom Squid ACL. I think it can be considered as a misuse of their service, because they use banners in the sites. So, I think it must be discussed to analyse the ethics. ( Maybe I am paranoid :-) ). Surfing in the site, I found a list or TOR servers, in text format ( wget needs -U ), to use in a .htaccess file. Again, some egrep and awk generated a list ready to use in a dst Squid ACL. Well, it is a little boring, but, we always can enter the site, save source page code, process it an use it with Squid, but, again, how about ethics? I am really interested about blocking anonymous proxies, but I have already seen that it is a hard job. :-( Thank you for your attention. Regards, Freitas
Re: [squid-users] Block all Web Proxies with squid.
[EMAIL PROTECTED] wrote: Im sort of curious how you route your traffic? Im using iptables and reroute all port 80 traffic to my proxy on port 8080. Port 443 traffic goes straight to website, because you cant cache encrypted traffic. Or am I totally wrong about this? You can't cache it, but you can apply rules to it, thus restricting it's use for avoiding your proxy rules. I'm fairly sure that you can't do a transparent redirection though. Open to correct, but I think redirection breaks HTTPS. TB ** This message is intended for the addressee named and may contain privileged information or confidential information or both. If you are not the intended recipient please delete it and notify the sender. **
Re: [squid-users] Block all Web Proxies with squid.
I am doing the same but, there are number of ports these free proxy servers use: like 3128, 8000, 8080, 7001, etc Probably we can redirect nummber of them to our proxy server but this number is too large. Plus there are chances that you may block real website services using these ports. -- Umar - Original Message - From: [EMAIL PROTECTED] To: squid-users@squid-cache.org Sent: Wednesday, September 05, 2007 5:56 AM Subject: Re: [squid-users] Block all Web Proxies with squid. Quoting Preetish [EMAIL PROTECTED]: On 9/5/07, Norman Noah [EMAIL PROTECTED] wrote: Well if u want to block proxy you can get the list from www.proxy.org. But this list is paid.is there any free list or can someone send a an attached text file of the list.Even i face the same Issue.May be we can make it work with SquidGaurd. they have the updated list of all running proxies.. y must u allow https not to go through squid ? in my environment all internet access must go through squid. Im sort of curious how you route your traffic? Im using iptables and reroute all port 80 traffic to my proxy on port 8080. Port 443 traffic goes straight to website, because you cant cache encrypted traffic. Or am I totally wrong about this? -- Dwayne Hottinger Network Administrator Harrisonburg City Public Schools
Re: [squid-users] Block all Web Proxies with squid.
The best way to do this may be by your dns server. Get a list of the proxy domain names and route them to 127.0.0.1 or wherever. dnsmasq does this well and one of the latest versions was streamlined to handle HUGE hosts files very quickly via hash tables/buckets. So script up a hosts file that is like: proxy1.com 127.0.0.1 proxy2.com 127.0.0.1 etc. This handles all traffic to the bad site, not just http or https ;-) Also filter out port 57 to the outside world so that a really clever guy can't just change his dns servers. Alternatively, with OpenDNS.com's dns servers you can opt into a free filtering setup that will filter adult content and/or proxies. Check it out. You just use them as your dns server instead of you isp/upstream. Or do both of the above. Let me know if this helped Jason [EMAIL PROTECTED] wrote: I am doing the same but, there are number of ports these free proxy servers use: like 3128, 8000, 8080, 7001, etc Probably we can redirect nummber of them to our proxy server but this number is too large. Plus there are chances that you may block real website services using these ports. -- Umar - Original Message - From: [EMAIL PROTECTED] To: squid-users@squid-cache.org Sent: Wednesday, September 05, 2007 5:56 AM Subject: Re: [squid-users] Block all Web Proxies with squid. Quoting Preetish [EMAIL PROTECTED]: On 9/5/07, Norman Noah [EMAIL PROTECTED] wrote: Well if u want to block proxy you can get the list from www.proxy.org. But this list is paid.is there any free list or can someone send a an attached text file of the list.Even i face the same Issue.May be we can make it work with SquidGaurd. they have the updated list of all running proxies.. y must u allow https not to go through squid ? in my environment all internet access must go through squid. Im sort of curious how you route your traffic? Im using iptables and reroute all port 80 traffic to my proxy on port 8080. Port 443 traffic goes straight to website, because you cant cache encrypted traffic. Or am I totally wrong about this? -- Dwayne Hottinger Network Administrator Harrisonburg City Public Schools --- AV Spam Filtering by M+Guardian - Risk Free Email (TM) ---