OZDISK PTY LTD

Utilising Internet filtering within a business site can be great for controlling access and minimising risks.

Just make sure that this doe not impact on normal business activities.

Over blocking access can lead to interuption and loss of business activities, Under blocking can also lead to the same.

So what do we do, for starters I have listed below some categories or sites that should be blocked.

Minimal
Pornography
Advertisements
Malware/Spyware/Virus Hosts

Additional
Social Sites
Messenging Sites
Violence

Using opensource systems like IPCOP, SMOOTHWALL or similar can be very benficial.
Install the software onto a computer, configure and install the system into you network.
Tune and tweak the proxy and any additional module you may have installed.

If you have access to Microsoft ISA server and some decent computer hardware, Install and configure.

After being contacted many times of the last year or two, I have put together the following.

I had been working in and around schools for many years. The number of children that attempt to access internet content that they should not can be overwhelming. Many technicians and teachers have enough to do without having to police the internet that chldren use.

Installing an internet filter and locking down external access is the only way to go. Children range from barely being able to use a computer right through to Year 12 students. This is a recipe for problems that any technician that has worked in a school can tell you.  Installing a proxy server that has some access controls is a start, making sure a firewall allows only the required external ports will reduce workload. Children will all ways try to bypass your proxy controls. Learn to deal with that.

Children are learning that internet filters can be bypassed by using internet hosted SSH, VPN and even PHP style hosting.

SSH – This method creates a secure tunnel in which they send and receive the data from a remote host that has un filtered access to the internet.

VPN – much the same as SSH, this creates a secure tunnel to a remote host that has unfiltered access to the internet.

PHP (Web) Proxy – This method is becoming very common, the end user sets up the required software on remote hosting where there is no internet filter and then using accesses that site, the url string is usually altered to cover there tracks. This method hides what they are accessing and only shows traffic to the orginal site.

Restrict access to VPN and monitor utilised ports, installing a firewall or ISA server can help you control this.

Blocking Malware, Spyware and known virus domains is another process that I recommend. Subscribing to a hosts file, malware blocklist and any other feed that will notify you of new sites, then collate this information together and deny access to those sites will decrease infections and reduce workload.

Bandwidth costs can accumulate very fast within schools, if a school has 100 computers that are used daily and download 10MB means 1000MB per day and thats going to end up using 20000MB approx. You need to cache whatever you can, I have seen some proxy servers cache 30-40% with some even higher. If you can tune your proxy server for high hit rates you will reduce your bandwidth bill.

SPAMMERS

.look019.com
.vehawiih.com
.jarubyim.com
.gibimain.com
.0rz.tw
.keyekdid.com
.demaszen.com
.iokodeit.com
.iadoksiw.com
sunechae.com
hmolilxsersu.com
dzgdxnynminl.com
giaphucnguyen.vn
doclu.com
ladmnrqnzwch.com
mjsattbtzqwv.com
ncbdumlebpzt.com
qsesdauxghau.com
hjecflhqvdai.com
kziiimxkewqk.com
ysrhfxlwgovc.com
lsophyfystqx.com
yciidvrhxkaf.com
gyniwdoqhtsr.com
.lkcwswscvfeh.com
.uwhwvihmbkgh.com
.njwortzubdjc.com
.lowest-rate-loans.com
.inspiredwebcreation.co.uk
.nutshellurl.com
.mosterhok22.com
.jeol.co.kR
.starvipplays.net
.iblp-rd.org
.iycnl.com
.poisonstrawberry.com

Quote “we use a Censorblox which is updated daily at this point in time we have over 25,000 proxy servers blocked and counting. As soon as the kids find a new one it is added to the list.”
http://www.edulists.com.au/pipermail/sofdev/2007-August/000377.html

DNS (Domain Name Server) is what is used everytime someone tries to access a website. If you type www.ozdisk.com.au into your browser a small query goes off to find what IP  the webserver has in order to access it. It works like a phone book, that can update its information from other DNS servers located on the Internet. By tricking a local DNS server into replying with either a loopback address (127.0.0.1) or an internal address you stop the query from going further onto the Internet.

Once a computer is infected with malware or spyware, it can send information onto the internet for malicious hackers to turn computers into zombies or gather information which is confidential or even install more malicious softyware. Persons responsible for infected computers should remove the infected computers from the network and then remove the infections. Once it is clean or reimaged then put it back onto the network for use.

Now thats out of the way, here is way to help block and protect computers. Although this wont stop all infections it will reduce computers from accessing the domains that are known bad sites.

Stopping Malware & Spyware from talking to the internet by using a DNS null zone is very simple and does not require large hardware or specialised equipment. When a computer tries to access one of the sites on the list the DNS server will reply with a local IP thus keeping the data from going out onto the Internet.

It can be as simple as loading a local DNS application to your server. If you run a Windows server then you more than likely have this setup partially already. If you run Apple or Linux you can install and run a DNS server fairly easily. (Although the later will require further techs skills.)

For further information and details please visit “Black Hole DNS White Paper by David Glosser”

Another thing that can be looked at is using a HOSTS file http://www.mvps.org/winhelp2002/hosts.htm

Now as a business that promotes safe internet access for Children and Schools & Customised Internet Filtering for Business customers you would not think that we would be saying this.

Based off everything we have read so far, we do not believe the Mandatory ISP filtering plan otherwise known as The Clean Feed Project is the way to go.

People believe that Clean Feed will make the internet safer for children, well partially not entirely. 

Home Internet access is the responsibility of the persons whom pays for it, Business Internet is the responsiblity of all that use it and the person whom pays the bill. Mandatory ISP filtering is not really the way to go, YES i do believe that we should not have the following types of sites on the net but it will never stop. There will be ways for people to bypass it and there aint no way that they can stop that.

If you filter at every Australian ISP, you could bypass it by setting up a VPN or SSH tunnel into another country. The costs involved in this are not expensive.

The Clean Feed Project – Will use a Government Blacklist which has a number of internet sites in which they will block all Australians from accessing.

It is designed to;

• Block access to known websites which contain child-abuse materials.
• Block access to known material that is refused classification.
• Block access to known instruction in crime material.
• Block access to known drug use material.
• Block access to some adult sexual material.

Concerns we have are;

• This will not protect children from inappropriate materials.
• The Filter will be able to be bypassed rendering it useless.
• Slowing Internet access in Australia further.
• Steer us in the path of what China is now using.

Now this may sound not too bad but with the amount of adult websites that exist on the Internet these days, us as parents need to realise that we have to play a part in the control of the internet as well. Do you know where your kids have been or who they have talked to on the home computer.

Informational Links

http://www.efa.org.au/mandatory-internet-filtering-fact-sheets/

http://openinternet.com.au/

http://nocleanfeed.com/

With so many of these sites popping up, you can do your best at blocking them or get a little help from around the net. This was originally part of the Censorblox / OZBMS system but we are breaking it off for those that just want to stop access to these pesky sites. Check out our page being dedicated to web proxies, Web Based Proxy Server Page

What we are really looking at here is blocking sites that allow users to bypass the filters and controls that are put into place, reasons behind this is that persons operating these sites can capture private inforamtion and passwords, this can then be used for malicous use or sold on to marketing firms to make money.

These sites are great for surfing the net anonymously but the danger of the operator using this information is high. It is highly possible that an operator can play man in the middle.

For the operator to utilise the proxy for Man in the Middle attacks, they need very little extra software/hardware. The ease of this kind of attack is very easy with any unsuspecting user accessing the proxy and surfing around.

For instance if a user connected to a proxy, typed in facebook.com and then entered their login and password. It would not be very hard for the operator  to then capture these details and login as you, gather information and use it for their liking.

For those of you that used CensorBlox in the past or have been looking for a simple web filtering system, we hope some of the information may be useful.

We are working on releasing parts of the system  for public release, Who knows it may one day go back into full production. As having a human checked web filtering solution that auto submits websites to a master server for checking. In 2007 I myself checked over 57000 websites, and thats only one person.

We had over 30 Categories of blocked content and sites, auto updating slave servers with custom configs that archived their configs back to the main server for offsite recovery if ever needed. CensorBlox to most was a basic web filter in which they had installed and as I quote “It just runs great”, what most did not realise is the amount of added systems in which put together the auto site submition, kids directory full of approved content submitted from teachers and custom settings for each school.

Stay tuned for more…. or visit out page being put together at CensorBlox Page