OZDISK PTY LTD

Utilising Internet filtering within a business site can be great for controlling access and minimising risks.

Just make sure that this doe not impact on normal business activities.

Over blocking access can lead to interuption and loss of business activities, Under blocking can also lead to the same.

So what do we do, for starters I have listed below some categories or sites that should be blocked.

Minimal
Pornography
Advertisements
Malware/Spyware/Virus Hosts

Additional
Social Sites
Messenging Sites
Violence

Using opensource systems like IPCOP, SMOOTHWALL or similar can be very benficial.
Install the software onto a computer, configure and install the system into you network.
Tune and tweak the proxy and any additional module you may have installed.

If you have access to Microsoft ISA server and some decent computer hardware, Install and configure.

After being contacted many times of the last year or two, I have put together the following.

I had been working in and around schools for many years. The number of children that attempt to access internet content that they should not can be overwhelming. Many technicians and teachers have enough to do without having to police the internet that chldren use.

Installing an internet filter and locking down external access is the only way to go. Children range from barely being able to use a computer right through to Year 12 students. This is a recipe for problems that any technician that has worked in a school can tell you.  Installing a proxy server that has some access controls is a start, making sure a firewall allows only the required external ports will reduce workload. Children will all ways try to bypass your proxy controls. Learn to deal with that.

Children are learning that internet filters can be bypassed by using internet hosted SSH, VPN and even PHP style hosting.

SSH – This method creates a secure tunnel in which they send and receive the data from a remote host that has un filtered access to the internet.

VPN – much the same as SSH, this creates a secure tunnel to a remote host that has unfiltered access to the internet.

PHP (Web) Proxy – This method is becoming very common, the end user sets up the required software on remote hosting where there is no internet filter and then using accesses that site, the url string is usually altered to cover there tracks. This method hides what they are accessing and only shows traffic to the orginal site.

Restrict access to VPN and monitor utilised ports, installing a firewall or ISA server can help you control this.

Blocking Malware, Spyware and known virus domains is another process that I recommend. Subscribing to a hosts file, malware blocklist and any other feed that will notify you of new sites, then collate this information together and deny access to those sites will decrease infections and reduce workload.

Bandwidth costs can accumulate very fast within schools, if a school has 100 computers that are used daily and download 10MB means 1000MB per day and thats going to end up using 20000MB approx. You need to cache whatever you can, I have seen some proxy servers cache 30-40% with some even higher. If you can tune your proxy server for high hit rates you will reduce your bandwidth bill.

Quote “we use a Censorblox which is updated daily at this point in time we have over 25,000 proxy servers blocked and counting. As soon as the kids find a new one it is added to the list.”
http://www.edulists.com.au/pipermail/sofdev/2007-August/000377.html

With so many of these sites popping up, you can do your best at blocking them or get a little help from around the net. This was originally part of the Censorblox / OZBMS system but we are breaking it off for those that just want to stop access to these pesky sites. Check out our page being dedicated to web proxies, Web Based Proxy Server Page

What we are really looking at here is blocking sites that allow users to bypass the filters and controls that are put into place, reasons behind this is that persons operating these sites can capture private inforamtion and passwords, this can then be used for malicous use or sold on to marketing firms to make money.

These sites are great for surfing the net anonymously but the danger of the operator using this information is high. It is highly possible that an operator can play man in the middle.

For the operator to utilise the proxy for Man in the Middle attacks, they need very little extra software/hardware. The ease of this kind of attack is very easy with any unsuspecting user accessing the proxy and surfing around.

For instance if a user connected to a proxy, typed in facebook.com and then entered their login and password. It would not be very hard for the operator  to then capture these details and login as you, gather information and use it for their liking.