Re: [squid-users] Bypassing squid proxy

From: Jerry Murdock <jmurdock@dont-contact.us>
Date: Wed, 6 Mar 2002 12:20:35 -0500

What's the environment? If corporate, and management wants to restrict inet
access, a policy needs to be documented. Then management needs the balls to
enforce it (often a problem).

About the only thing you can easily automate is to scan your allowed IPs,
attempt to get a page through any suspiciously open ports, and adjust the acl
if needed. Of course if the user is savvy enough, and running a firewall,
he could notice (and block) your scans.

Otherwise, your stuck at reviewing logs. Use a sniffer to log/analyze what
traffic is on the lan.

Jerry

----- Original Message -----
From: "H M Rajeev" <hmrajeev@ybil.com>
To: "Alex Rousskov" <rousskov@measurement-factory.com>;
<squid-users@squid-cache.org>
Sent: Wednesday, March 06, 2002 2:23 AM
Subject: Re: [squid-users] Bypassing squid proxy

> Here havoc means it is unethical. Say among 100 users we have given access
> to only 50 users. And other 10 users are accessing the net by connecting to
> unauthorized proxy. Certainly other 40 users , who don't know how to bypass
> will question us. More than that if everybody is connecting to unauthorized
> proxy then there is no meaning for squid ACL.
> Squid log doesn't show the ip address of those 10 users who is connecting to
> authorized users PC.
>
> regards
> rajeev
Received on Wed Mar 06 2002 - 10:25:17 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:06:45 MST