Our students are using some sort of script to bypass our school proxy servers.

Our students are using some sort of script to bypass our school proxy servers.

See it in action at http://www.dxlp.com/

I see that the form data is posting to http://dxlp.com/cgiproxy/nph-proxy.cgi/010110A/x-proxy/start

Anyone know how I can disallow the use of this script from our schools?

Of course, I could block the domain on our proxy and/or on iPrism BUT that won't prevent the kids from simply moving the script to a different domain...

Thanks
drs


LVL 2
smetterdAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

PsiCopCommented:
I'd pick one day in  the week and start to route the traffic for that Domain to a webserver that I controlled.

The page displayed would say something like

"Busted! You have been caught attempting to bypass the school's Proxy Server. The date, time and originating IP have been logged, and you will be tracked down using this information."

I'd also have the web page start playing a LOUD siren-like noise and appropriate accompanying verbiage, like "Step away from the computer! Place your hands on your head and turn around slowly!"

But then I'm a sadistic SOB.
0
smetterdAuthor Commented:
But that won't prevent them from using an anonymizer on a different domain. Is there a way to block the access to the anonymizer script itself?
0
PsiCopCommented:
No, it won't, but they won't be doing any surfing until they clean out their underwear. :-)

Instead of blocking on Domain Name, just determine the IP address and null-route that IP address (or range) at your border router(s).
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

bbaoIT ConsultantCommented:
if your gateway supports content filtering or at least URL filtering, you can do it by identifying the specific string such as "cgiproxy/nph-proxy.cgi/" in the outgoing web requests. hope it helps, bbao
0
smetterdAuthor Commented:
tried that bbao, but didn't work for some reason... no biggie...
THanks to all.
0
kj52Commented:
hehehe hey smetterd... you're never gonna stop us... we the proud students of stisd will never prevail!!! it's more then just blocking the domain i have more than 10 proxies set up already... plus there's more then one proxy script out there you know...
0
PsiCopCommented:
Careful, kj52..... pride goeth before a fall.

And bragging is about the stupidest thing a cracker can do.....
0
kj52Commented:
No no, see it was'nt me though.... plus i've never used dxlp either... they only use it to play games which I find kindda childish... but still just like i said above... they only way to be sucessful is to have a hit list counter and view it every week then go and check the top ones for anything bad.  I have nothing against our library admin... I don't even know him. but I kindda have a issue with athority and when some one tries to take my power away from me i'll try anything posible to get it back.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.