Re: [squid-users] Advice needed on transparent proxy problem

From: Terry Luedtke <[email protected]>
Date: Mon, 21 Oct 2002 09:43:31 -0400

Kamesh,
 
You might want to consider using a network monitoring tool like snort
(www.snort.org) to block sites instead of a proxy for blocking sites,
depending on how your network is set up. NIDS has the advantage that
users can't bypass it since it doesn't rely on settings on their
personal computers. And, since it is watching traffic go by rather than
actively handling the requests, there's less chance it will interfere
with normal requests. Take a look at snort's React command
(http://www.snort.org/docs/writing_rules/chap2.html#tth_sEc2.3.24)
 
Terry Luedtke
National Library of Medicine

Kamesh Patel wrote:
>
...
>
> About six months ago i got involved in a project to filter websites
from our
> users... just the haughty stuff. We had a Linux server so i said
(with a few
> recommendations and after reading some stuff of the squid website)
'lets try
> out squid'.
>
...
> I then went live and soon realised that some of the users decided to
by pass
> the proxy by removing the settings from the browser. So i looked into
making
> it into an accelerated transparent http proxy.
>
Received on Mon Oct 21 2002 - 07:44:42 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:45 MST