Search This Blog

Tuesday, May 29, 2007

firewall-wizards Digest, Vol 13, Issue 14

Send firewall-wizards mailing list submissions to
firewall-wizards@listserv.icsalabs.com

To subscribe or unsubscribe via the World Wide Web, visit
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
firewall-wizards-request@listserv.icsalabs.com

You can reach the person managing the list at
firewall-wizards-owner@listserv.icsalabs.com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of firewall-wizards digest..."


Today's Topics:

1. Re: Best way to block incoming connections from open http
proxy servers? (Christine Kronberg)


----------------------------------------------------------------------

Message: 1
Date: Sat, 26 May 2007 12:45:58 +0200 (CEST)
From: Christine Kronberg <seeker@shalla.de>
Subject: Re: [fw-wiz] Best way to block incoming connections from open
http proxy servers?
To: Firewall Wizards Security Mailing List
<firewall-wizards@listserv.icsalabs.com>
Message-ID: <Pine.LNX.4.64.0705261235000.13802@shalla.de>
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed

On Fri, 25 May 2007, Jerry Gardner wrote:
> On 5/21/07, Chris Smith <csmith@1pointe.com> wrote:
>>
>>
>> What's the recommended way to maintain a list of public, open http proxies
>> and block them from making inbound connections to an http server with
>> iptables?
>>
>
> That's a losing battle you're never going to win.
>
> I may be in the minority here, but I strongly believe that accessing
> inappropriate material in a work or educational setting is a social problem,
> not a technical one.

Chris was talking about _inbound_ traffic, not outbound. In his second
post he gives a good reason for his quest. Yet, what has been said so
far is true: You will always be behind in blocking.

Anyway, there are some proxy lists like proxy.org/cgi_proxies.shtml.
Or you extract the proxy/redirector part of url blacklist collections:

http://squidguard.mesd.k12.or.us/blacklists.tgz

http://squidguard.shalla.de/shallalist.html

http://cri.univ-tlse1.fr/documentations/cache/squidguard_en.html#contrib

Cheers,

Christine Kronberg.

------------------------------

_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


End of firewall-wizards Digest, Vol 13, Issue 14
************************************************

No comments: