JOEBOX-L Archives

Joebox User

JOEBOX-L@LISTS.MAINE.EDU

Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
From:
Ray Soucy <[log in to unmask]>
Reply To:
Joebox User <[log in to unmask]>
Date:
Wed, 13 Apr 2011 17:51:32 -0400
Content-Type:
text/plain
Parts/Attachments:
text/plain (83 lines)
I took a quick look at your configuration.  You have a few "Open
Ports" rule to allow traffic that will essentially bypass your "Closed
Ports" rules that you're using to block Facebook.

Can you provide an example IP address that is working for Firefox but
being blocked for Chrome and IE?  I noticed that the group for your
Teachers has an Open Port rule to allow all HTTPS traffic (which would
completely bypass any Closed Port rule you have to block Facebook).

Keep in mind that rules are evaluated in the order they appear:
Blacklist Rules, Open Ports, then Closed Ports.  It will use the first
rule it matches.

On Wed, Apr 13, 2011 at 5:41 PM, Ray Soucy <[log in to unmask]> wrote:
> That sounds very odd, as it will block all connections to those
> networks.  The only thing I can think of is that Firefox has different
> addresses for Facebook (perhaps even malware redirecting your Facebook
> requests).  Or that Firefox perhaps making use of the MECguard SSL
> proxy and you haven't blocked facebook.com.
>
> I would like to see more details on this.
>
> On Wed, Apr 13, 2011 at 5:15 PM, Eugene Blake <[log in to unmask]> wrote:
>> WE have done the closed port solution to try to block (https) Facebook. One
>> of the kids let it slip out to a teacher that you could use https and
>> Firefox. The closed port solution works when using Safari and Internet
>> Explorer, but not Firefox. Haven't had time to explore more.
>>
>> Eugene Blake
>> Technology Coordinator
>> MCSD 917/School Union 103
>>
>>
>> -----Original Message-----
>> From: Joebox User [mailto:[log in to unmask]] On Behalf Of Ray Soucy
>> Sent: Wednesday, April 13, 2011 9:45 AM
>> To: [log in to unmask]
>> Subject: Are you using MECguard SSL?
>>
>> I'm interested in feedback from schools that have deployed, or
>> attempted to deploy, MECguard SSL (the proxy-based HTTPS filter).
>>
>> Anyone using it successfully yet?  If so, how is it working out?
>>
>> If you've tried to deploy it but ran into a roadblock, I want to hear
>> about that as well.
>>
>> --
>> Ray Soucy
>>
>> Epic Communications Specialist
>>
>> Phone: +1 (207) 561-3526
>>
>> Networkmaine, a Unit of the University of Maine System
>> http://www.networkmaine.net/
>>
>
>
>
> --
> Ray Soucy
>
> Epic Communications Specialist
>
> Phone: +1 (207) 561-3526
>
> Networkmaine, a Unit of the University of Maine System
> http://www.networkmaine.net/
>



-- 
Ray Soucy

Epic Communications Specialist

Phone: +1 (207) 561-3526

Networkmaine, a Unit of the University of Maine System
http://www.networkmaine.net/

ATOM RSS1 RSS2