lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20031031215828.67720.qmail@web11004.mail.yahoo.com>
From: sgmasood at yahoo.com (S G Masood)
Subject: Proxies

It is more or less impossible with current technology
to set up an automated system to *completely* prevent
users from accessing certain HTTP content. What I mean
here is that everything available can be bypassed. 

How do you block *all* HTTP proxies, for instance(a la
Surfola and party)? How about custom written CGI
proxies? How about JAP like software?


> You could do a couple
> things to detect that people were using proxies
> though.  Parse through
> your logs / ip accounting for repeated hits to hosts
> on port 80 and the
> source ip, have it email you those ips and
> investigate.  

IMHO, these kind of measures are the only thing you
can do to enforce your content access policies.

--
S.G.Masood
Hyderabad,
India.


__________________________________
Do you Yahoo!?
Exclusive Video Premiere - Britney Spears
http://launch.yahoo.com/promos/britneyspears/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ