RE: [squid-users] Something i found hard

From: Robert Adkins <raa@dont-contact.us>
Date: Fri, 3 Jan 2003 17:22:00 -0500

Edward,

        I think the main problem that you are having here is that your end-users
are abusing, either a spoken, or unwritten company policy. If it is not
written into the company handbook, then talk to HR about adding something
disallowing access to home PCs, from the office, partially due to
security issues, mostly due to the fact that the users shouldn't be doing
their home computing on company time.

        Depending upon how you have Squid setup, if you are running it with
users authentication, then a quick look through your logs would, or
should reveal who is doing this and at what times they are doing this. It
would then be a simple matter of denying them access to the proxy server.
You could even create a special squid error message that would explain
why they have been denied access and for how long, if you are doing that
for short length of time.

        Another thing you could do is locate the listing of IP addresses
utilized by all Home Cable, DSL and other broadband type providers.
Unfortunately, I am unfamiliar with the ranges that they use. However, I
know that there are specific ranges of NON-COMMERCIAL IP Addresses used
by these companies for their subscribers. It should be a simple matter of
blocking those ranges in an ACL or at your firewall.

        From my brief reading of the gotomypc web-site, it appears that the
users would have to go to that web site in order to access their
computers through that system. You could also create an ACL to block the
www.gotomypc.com web-site. If you have a porn/noporn ACL already setup,
simply add www.gotomypc.com to the porn list and restart the squid
service.

        I cannot tell you how often I need to add additional sites and
combinations of words to my porn and noporn lists. They are both becoming
rather large, thankfully the logs are quite useful in that respect.

        I know that the brief information I detailed above is covered in a
variety of FAQs regarding Squid.

Regards,
Robert Adkins II
IT Manager/Buyer
Impel Industries, Inc.
Ph. 586-254-5800
Fx. 586-254-5804

 -----Original Message-----
From: Edward Mann [mailto:ed.mann@choicepoint.net]
Sent: Friday, January 03, 2003 11:24 AM
To: mailinglistsquid-users@squid-cache.org; Sturgis, Grant; Robert Adkins
Cc: squid-users@squid-cache.org
Subject: RE: [squid-users] Something i found hard.

   

That is what i have been working on, but the ip address keeps changing.
I want to know if there is some way that i can block what it is getting
the the url path or something.
On Fri, 2003-01-03 at 11:06, Sturgis, Grant wrote:
> Can't you just put that in your ACL?
>
> -----Original Message-----
> From: Edward Mann [mailto:ed.mann@choicepoint.net]
> Sent: Friday, January 03, 2003 10:00 AM
> To: squid-users@squid-cache.org
> Subject: [squid-users] Something i found hard.
>
>
> it has been brought to my attention that some users on my network are
> using a tool that you can get at gotomypc.com. I have tried to block
the
> port that it starts on 8200, but it then will change to port 443 and
> continue to work. Can someone help me figure out how to stop this. i
> have also tried the ip address, but it seems to change that as well.
>
>
> Thanks.
>
> This electronic message transmission is a PRIVATE communication which
> contains information which may be confidential or privileged. The
> information is intended to be for the use of the individual or entity
named
> above. If you are not the intended recipient, please be aware that any
> disclosure, copying, distribution or use of the contents of this
information
> is prohibited. Please notify the sender of the delivery error by
replying to
> this message, or notify us by telephone (877-633-2436, ext. 0), and
then
> delete it from your system.
Received on Fri Jan 03 2003 - 15:25:58 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:12:26 MST