Archived from groups: comp.os.linux.security,comp.os.linux.networking,mailing.unix.squid-users,comp.security.firewalls
Some of the users at my location are accessing the Internet by
bypassing the in-house proxy server. They are just typing the upstream
proxy server IP address and port number in browser and accessing the
Internet. How can I prohibit such activities? My network is on
192.168.7.0 and IP address of upstream proxy server is 195.2.104.7
(take these IP addresses as an example). I can access 195.2.104.0
network from my location. I am using Squid Proxy server on Linux RH8.
On 28 May 2004 02:47:35 -0700, ssp2000 spoketh
>Some of the users at my location are accessing the Internet by
>bypassing the in-house proxy server. They are just typing the upstream
>proxy server IP address and port number in browser and accessing the
>Internet. How can I prohibit such activities? My network is on
>192.168.7.0 and IP address of upstream proxy server is 195.2.104.7
>(take these IP addresses as an example). I can access 195.2.104.0
>network from my location. I am using Squid Proxy server on Linux RH8.
On Windows computers, you can use Group Policies to block access to any
and all of the settings for Internet Explorer, including the proxy
settings.
ssp2000 wrote:
> Some of the users at my location are accessing the Internet by
> bypassing the in-house proxy server. They are just typing the upstream
> proxy server IP address and port number in browser and accessing the
> Internet. How can I prohibit such activities? My network is on
> 192.168.7.0 and IP address of upstream proxy server is 195.2.104.7
> (take these IP addresses as an example). I can access 195.2.104.0
> network from my location. I am using Squid Proxy server on Linux RH8.
I use transparent proxying which works like a charm. Something like:
Which hijacks port 80 requests and forces them through squid. You'll also
want to block people from using another proxy server, like so:
$IPTABLES -A FORWARD -s 192.168.7.0/24 -p tcp --dport $ISP_PROXY_PORT -j DROP
Then, in squid.conf, I set:
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
Which enables transparent proxying.
I tell my users not to use any proxy settings. Everything goes through
squid. If someone tries to be "smart" by putting your ISP as the proxy, it
simply won't work. In fact, they must either use your squid server as the
proxy, or not put in any settings at all if they want web access.
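The rule set this reply describes, written out as an added example that is not part of the original post. It assumes squid runs on the gateway box itself and listens on port 3128, that the LAN-facing interface is eth1, and that the upstream proxy listens on 8080; the destination match and the LOG rule are additions, so bypass attempts show up in the kernel log before they are dropped.

```shell
#!/bin/sh
# Added example, not from the thread. Dry run by default: commands are
# printed, not executed. Set IPTABLES=/sbin/iptables to apply them as root.
IPTABLES="${IPTABLES:-echo iptables}"
LAN_NET="${LAN_NET:-192.168.7.0/24}"         # example network from the question
LAN_IF="${LAN_IF:-eth1}"                     # assumption: LAN-facing interface
SQUID_PORT="${SQUID_PORT:-3128}"             # assumption: local squid port
ISP_PROXY_IP="${ISP_PROXY_IP:-195.2.104.7}"  # example upstream proxy from the question
ISP_PROXY_PORT="${ISP_PROXY_PORT:-8080}"     # assumption: the thread gives no port

apply_proxy_rules() {
    # 1. Interception: web requests from the LAN to port 80 are redirected
    #    to the squid instance on this machine, whatever the browser is set to.
    $IPTABLES -t nat -A PREROUTING -i "$LAN_IF" -s "$LAN_NET" -p tcp --dport 80 \
        -j REDIRECT --to-ports "$SQUID_PORT"

    # 2. Record direct attempts to reach the upstream proxy (rate limited so
    #    a busy client cannot flood the log).
    $IPTABLES -A FORWARD -s "$LAN_NET" -d "$ISP_PROXY_IP" -p tcp \
        --dport "$ISP_PROXY_PORT" -m limit --limit 6/min \
        -j LOG --log-prefix "PROXY-BYPASS: "

    # 3. Drop them. Squid's own requests to the upstream proxy originate on
    #    this box and traverse OUTPUT, not FORWARD, so they are unaffected.
    $IPTABLES -A FORWARD -s "$LAN_NET" -d "$ISP_PROXY_IP" -p tcp \
        --dport "$ISP_PROXY_PORT" -j DROP
}

apply_proxy_rules
```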