On Saturday 26 April 2003 10.11, Ralf Hildebrandt wrote:
> Since WebDAV can be proxies using Squid, I'd like to know how we
> could restrict the export of data from our network to the outside
> via our Squid proxies.
By denying the WebDAV methods. Most likely easier to do the opposite
and allow only normal browsing methods:
GET
HEAD
POST (*1)
CONNECT (*2)
*1) You probably want to deny POST with req_mime_type
multipart/x-form-data, as this is used by file upload forms.
*2) Note that you won't have any control over https:// sites, so you
should probably not allow the CONNECT method except for well known
destinations.
> Related issue: Some P2P tools can use HTTP Proxies. Are there any
> tools that can spot such traffic in the access.log?
Not in a general term, but it should not be hard at all to make simple
filters which spots the common ones. Most P2P tools are not true P2P
and makes use of central servers at well known addresses as
connection points. These can be spotted very easily once identified.
Also, some of the P2P tools advertise a good User-Agent (as they
should) and can be fully identified.
I am not aware of any document on how the different P2P tools can be
identified.
Regards
Henrik
-- Donations welcome if you consider my Free Squid support helpful. https://www.paypal.com/xclick/business=hno%40squid-cache.org If you need commercial Squid support or cost effective Squid or firewall appliances please refer to MARA Systems AB, Sweden http://www.marasystems.com/, info@marasystems.comReceived on Sat Apr 26 2003 - 04:02:11 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:15:31 MST