- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
Has anyone ever dealt with trying to block UltraSurf?
Posted on 12/12/14 at 12:02 pm
Posted on 12/12/14 at 12:02 pm
I have difficult problem to solve. I have a customer with no real infrastructure. There is no server, the laptops are brought from home and are mixed OS'es (Windows Home/Pro, OSX, etc).
The needed content filtering so I had her subscribe to OpenDNS. I block any DNS requests that are not heading to the OpenDNS servers.
There is apparently someone using UltraSurf to bypass OpenDNS. UltraSurf, from what I understand, is a proxy that uses outbound port 443.
We also got a subscription to iblocklist.com and I've added known proxies to a blocklist. The list is automatically updated every day.
I'm getting reports that UltraSurf is still working, so I don't know where to go from here.
Any ideas?
The needed content filtering so I had her subscribe to OpenDNS. I block any DNS requests that are not heading to the OpenDNS servers.
There is apparently someone using UltraSurf to bypass OpenDNS. UltraSurf, from what I understand, is a proxy that uses outbound port 443.
We also got a subscription to iblocklist.com and I've added known proxies to a blocklist. The list is automatically updated every day.
I'm getting reports that UltraSurf is still working, so I don't know where to go from here.
Any ideas?
6
Posted on 12/12/14 at 12:04 pm to Casty McBoozer
What I need is an up to date list of all the UltraSurf proxy sites, which apparently is hard to maintain.
Posted on 12/12/14 at 12:05 pm to Casty McBoozer
So, you're asking for help to block non-work related surfing? From a message board that you're likely going to end up blocking?
Posted on 12/12/14 at 12:07 pm to Casty McBoozer
Can't you just email the person using it and tell them they are not allowed to?
Posted on 12/12/14 at 12:07 pm to Casty McBoozer
Let the damn employees surf the damn web as they please.
Posted on 12/12/14 at 12:12 pm to bradwieser
Loss of productivity and usually leads to shite going the computers getting viruses, malware, etc.
Posted on 12/12/14 at 12:14 pm to jmarto1
I thought I put this on the tech board, sorry.
Posted on 12/12/14 at 12:15 pm to Casty McBoozer
I don't know how you could do this without something that does deep packet inspection, so it can go "Hey that is bound for UltraSurf, I am dropping that"
Posted on 12/12/14 at 12:17 pm to SG_Geaux
quote:
I don't know how you could do this without something that does deep packet inspection, so it can go "Hey that is bound for UltraSurf, I am dropping that"
By deep packet inspection do you mean the destination IP address?
If I had a current list of all UltraSurf proxies I could block this easily.
Posted on 12/12/14 at 12:21 pm to Casty McBoozer
Posted on 12/12/14 at 12:21 pm to Casty McBoozer
I still don't see why you don't just email the person using it, and everyone else, and let them know that they are not allowed to and using it is cause for termination. It would take 30 seconds and fix the issue.
Posted on 12/12/14 at 12:23 pm to lsu480
quote:
It would take 30 seconds and fix the issue.
It would not fix the issue. Been doing this for almost 15 years.
Posted on 12/12/14 at 12:42 pm to lsu480
quote:
I still don't see why you don't just email the person using it, and everyone else, and let them know that they are not allowed to and using it is cause for termination. It would take 30 seconds and fix the issue.
Because this isn't corporate and you can't fire these people.
This post was edited on 12/12/14 at 12:43 pm
Posted on 12/12/14 at 12:44 pm to SG_Geaux
quote:
Like This ?
Yeah, something like that. I wish it didn't have port numbers appended, I'd have to strip all that off. I also wish I could filter that because I block most of those outbound ports anyway, I'm pretty much concerned with 443, 80, etc. I guess I'll go through that and make my own list. I wonder how often UltraSurf is adding proxies though. With the i-blocklist site I had the url and the firewall automatically keeps the list updated.
Thanks though.
Posted on 12/12/14 at 12:48 pm to Casty McBoozer
quote:
so I had her
Wait another week (when she's not oozing) and tell her to spend the money and get real about her IT solutions.
Just laptops people bring home and back to work? Really?
Posted on 12/12/14 at 12:55 pm to soccerfüt
quote:
Wait another week (when she's not oozing) and tell her to spend the money and get real about her IT solutions.
Just laptops people bring home and back to work? Really?
Once again, this is not corporate.
Posted on 12/12/14 at 2:10 pm to Casty McBoozer
quote:
Once again, this is not corporate.
What does that mean? Like retail or something?
Posted on 12/12/14 at 4:08 pm to Pettifogger
quote:
What does that mean? Like retail or something?
Like these aren't employees we're trying to lock down.
Students.
This post was edited on 12/12/14 at 4:09 pm
Page 1 of 1
Popular
Back to top
Follow TigerDroppings for LSU Football News