That's why you have firewall rules, you can block all outbound network access. In 2.0 you can use the hostname(s) as well. That should help.
Deny all outbound access to ports 80 and 443, except from the proxy server. This has also proved to be a great deterent against malware as this blocks some drive by downloads. Direct http connections will then fail. Not something that blocks everything, but it works well regardless. Seth Op 22 mrt 2011, om 17:53 heeft Luke Jaeger het volgende geschreven: > Hello, > > I have squid configured as transparent proxy on my network. > > Students have figured out that if they use Firefox and set its internal > network settings to "no proxy", they can get to banned sites such as facebook > via https. > > Firefox is the only browser I know of that lets you override system proxy > settings, which we keep locked down. > > Is there any way to fix this? > > thanks - > > > Luke Jaeger | Technology Coordinator > Pioneer Valley Performing Arts Charter Public School > www.pvpa.org > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
