Re: [squid-users] Bypassing squid proxy

From: H M Rajeev <hmrajeev@dont-contact.us>
Date: Wed, 6 Mar 2002 13:51:59 +0530

No! Not like that.
Have a look at below.

Authorized users connecting to -----> Squid ----> Firewall -----> Internet

unauthorized users ----->authorized users PC(some proxy is running
here) ------>Squid ----->Firewall ----> Internet.

squid accept the connection from from authorized PC only. we have blocked
all other route.

regards
rajeev

----- Original Message -----
From: "fooler" <fooler@skyinet.net>
To: "H M Rajeev" <hmrajeev@ybil.com>; "Alex Rousskov"
<rousskov@measurement-factory.com>; <squid-users@squid-cache.org>
Sent: Wednesday, March 06, 2002 1:36 PM
Subject: Re: [squid-users] Bypassing squid proxy

> ----- Original Message -----
> From: "H M Rajeev" <hmrajeev@ybil.com>
> To: "Alex Rousskov" <rousskov@measurement-factory.com>;
> <squid-users@squid-cache.org>
> Sent: Wednesday, March 06, 2002 3:23 PM
> Subject: Re: [squid-users] Bypassing squid proxy
>
>
> > Here havoc means it is unethical. Say among 100 users we have given
access
> > to only 50 users. And other 10 users are accessing the net by connecting
> to
> > unauthorized proxy. Certainly other 40 users , who don't know how to
> bypass
> > will question us. More than that if everybody is connecting to
> unauthorized
> > proxy then there is no meaning for squid ACL.
> > Squid log doesn't show the ip address of those 10 users who is
connecting
> to
> > authorized users PC.
>
> at your border or gateway router, block all destination ip address with
> destination tcp port 80 except your proxy server ip address and force them
> to use your proxy.
>
> fooler.
Received on Wed Mar 06 2002 - 01:17:37 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:06:43 MST