Re: [squid-users] ULTRASURF (anti-filtering program) problem

From: Marcus Kool <[email protected]>
Date: Tue, 22 Jan 2008 12:37:30 -0200

HTTPS tunneling is blocked by the Squid redirector ufdbGuard.
It works with all versions of Squid and was first implemented
in version 1.10 of ufdbGuard (released in Nov 2006).

Of course one needs a proper firewall that blocks direct internet
from PCs so that the use of the Squid proxy is mandatory.

Marcus

Amos Jeffries wrote:
> Amos Jeffries wrote:
>> SSCR Internet Admin wrote:
>>> Hi,
>>>
>>> This is an off topic, but here it goes...
>>>
>>> I would like to ask if anyone from squid mailing list has stumble upon
>>> ultrasurf that can bypass any filtering products such as squidguard.
>>> I have
>>> setup a test pc with ip being blocked on squidguard. But to my
>>> surprise it
>>> bypass everything ive setup and with ultrasurf running on my test pc, IE
>>> internet setting has been changed to use 127.0.0.1 using port 9666.
>>>
>>> I know that this is a kernel level issue and I havent successfully
>>> blocked
>>> 9666 via iptables, maybe someone could try it out and maybe come up
>>> with a
>>> solution, before young students could have this program since you
>>> don't need
>>> to install this on a PC, just run u.exe and youre done bypassing.
>>>
>>>
>>> Thank you and God bless...
>>>
>>
>> Never heard of them. But going by the documentation they are
>> HTTPS-tunneling all traffic from the localhost outbound.
>>
>> You and most would naturally allow HTTPS CONNECT requests through
>> without filters for all the banking and secure sites that need it.
>
> And a read of the code confirms it. Seems to be interfacing with PuTTY,
> stunnel, and several HTTP CONNECT methods.
>
>>
>> If I'm right about it using HTTPS-tunnels you will need squid 3.1 with
>> SSLBump to filter this programs traffic properly. We are just awaiting
>> some of Alex's time for the SSLBump to be integrated fully into the
>> daily snapshots.
>
> Amos
Received on Tue Jan 22 2008 - 07:39:04 MST

This archive was generated by hypermail pre-2.1.9 : Fri Feb 01 2008 - 12:00:05 MST