Re: [fw-wiz] Best way to block incoming connections from open http proxy servers?
- From: Christine Kronberg <seeker@xxxxxxxxx>
- Date: Sat, 26 May 2007 12:45:58 +0200 (CEST)
On Fri, 25 May 2007, Jerry Gardner wrote:
On 5/21/07, Chris Smith <csmith@xxxxxxxxxxx> wrote:
What's the recommended way to maintain a list of public, open http proxies
and block them from making inbound connections to an http server with
iptables?
That's a losing battle you're never going to win.
I may be in the minority here, but I strongly believe that accessing
inappropriate material in a work or educational setting is a social problem,
not a technical one.
Chris was talking about _inbound_ traffic, not outbound. In his second
post he gives a good reason for his quest. Yet, what has been said so
far is true: You will always be behind in blocking.
Anyway, there are some proxy lists like proxy.org/cgi_proxies.shtml.
Or you extract the proxy/redirector part of url blacklist collections:
http://squidguard.mesd.k12.or.us/blacklists.tgz
http://squidguard.shalla.de/shallalist.html
http://cri.univ-tlse1.fr/documentations/cache/squidguard_en.html#contrib
Cheers,
Christine Kronberg.
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
- References:
- Prev by Date: Re: [fw-wiz] Best way to block incoming connections from open http proxy servers?
- Next by Date: [fw-wiz] Cisco VPN reconnection every 23 minutes
- Previous by thread: Re: [fw-wiz] Best way to block incoming connections from open http proxy servers?
- Next by thread: [fw-wiz] PIX - acl breaks implicit outbound rule
- Index(es):
