JOEBOX-L Archives

Joebox User

JOEBOX-L@LISTS.MAINE.EDU

Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
From:
Ray Soucy <[log in to unmask]>
Reply To:
Joebox User <[log in to unmask]>
Date:
Thu, 30 Jun 2011 16:59:12 -0400
Content-Type:
text/plain
Parts/Attachments:
text/plain (40 lines)
I would think just by nature of going through MecGuard this type of
traffic would break anyway.  MecGuard won't pass through content that
doesn't conform to HTTP from what I understand.

Can you give an example application?

If we can determine the protocol used, and it's encased within HTTP,
and it's going through MecGuard, we can probably block it with RTF, or
look into making a more intelligent filter.  But we would need to be
able to know what pattern to look for, and it wouldn't work for
encrypted (SSL) traffic, as you can't inspect the content of SSL
without breaking the encryption; and you can't break the encryption
(in realtime at least) without the browser detecting that you have and
throwing up a thousand error messages.

On Thu, Jun 30, 2011 at 4:35 PM, Kyle Green <[log in to unmask]> wrote:
> On Thursday, June 30, 2011 at 4:28 PM, Eric R. Warren wrote:
>
> Kyle's idea is excellent, and has been implemented in the content filtering
> module built into Sonicwall firewalls. Just check off "Proxy/Avoidance
> Websites" and the device loads a big list of known proxies and starts
> blocking them. If you want to allow one, just whitelist it.
>
> Actually, my idea goes a step farther and has the JoeBox actively
> determining if the remote host is an open proxy.
> It won't stop the sites like you and Ray talk about, but it'll certainly
> help to cut down on the P2P-over-HTTP-proxy traffic.



-- 
Ray Soucy

Epic Communications Specialist

Phone: +1 (207) 561-3526

Networkmaine, a Unit of the University of Maine System
http://www.networkmaine.net/

ATOM RSS1 RSS2