Re: Blocking Proxy/HTTP Tunneliing servers

[Joel Rosenblatt <joel () COLUMBIA EDU>]

Hi,

I can't answer this because we do not censor web access.

A bigger question in my mind is how many institutions think that censorship of web access is acceptable and for what 
reasons?

Thanks,
Joel Rosenblatt

--On Monday, February 06, 2006 10:15 AM -0600 Justin Dover <dover () harpethhall org> wrote:

> I am curious to how you guys are handling these outside internet proxies that are allowing students
> to access websites that you specially block.  My situation is we block a few websites via DNS
> pointing the address to 127.0.0.1.  Students can use a number of different sites to access these
> blocked web addresses.  A few examples are [ http://www.unipeak.com ]www.unipeak.com and [
> http://www.virtual-browser.com ]www.virtual-browser.com.
>
> Do you just get a list of all the ips and web addresses and just add them to your dns and firewall
> ACLs?  Do you use a product like websense to handle all of this at a content level?  I hoping there
> is another way besides blocking each proxy server by ip.  I am a huge fan of ACLs on my Cisco
> ASA5510 but do not want to add several 100s just for this task.
>
> Justin Dover
> Harpeth Hall School
> 615-346-0082



Joel Rosenblatt, Senior Security Officer & Windows Specialist, CUIT
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel - You can't spell seCUrITy without CUIT