Saturday Oct 25
  small apple minimize
PH-LWUG.org Community
  October 25, 2014, 12:30:20 AM *
  Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
Search  
Home  Help  Search  Login  Register 
Pages: 1 [2] 3 4 Go Down  
Send this topic Print
Author Topic: how to block https traffic using squid  (Read 26028 times)
grexk
Level 3 Support
*
Gender: Male
Posts: 215
Offline Offline

OS:
Windows 7/Server 2008 R2 Windows 7/Server 2008 R2
Browser:
MS Internet Explorer 8.0 MS Internet Explorer 8.0


WWW
« Reply #15 on: October 05, 2010, 05:09:41 AM »

Na-try ninyo na ba kahit block lahat ng ports, except sa proxy yung HTTP/S port?
Logged

You need to master one thing and become an expert...
aeonmike
Founder
....................
*


Gender: Male
Posts: 964
Offline Offline

OS:
Windows 7/Server 2008 R2 Windows 7/Server 2008 R2
Browser:
MS Internet Explorer 7.0 MS Internet Explorer 7.0


« Reply #16 on: October 05, 2010, 08:05:23 PM »

Di I try mo sir ng malaman natin kng meron ka ring solution. try mo install sa virtual kng meron ka.

Using L7 Filter

/ip firewall layer7-protocol
add name=ultrasurf regexp="^\16\03\01\00\41\01\00\00\3D\03\01"
/ip firewall mangle
add chain=prerouting action=add-dst-to-address-list protocol=tcp address-list=ultrasurf \
  address-list-timeout=0s  layer7-protocol=ultrasurf in-interface=lan dst-port=443


OR

If Ultrasurf  uses SSL (Port 443) it may be easier to deny all https sites (using squid) and set up a https Allowed list.



« Last Edit: October 05, 2010, 08:11:36 PM by aeonmike » Logged

Do not place your mistakes on your head. Their weight may crash you. Instead, place them under your feet and use them as a platform to view your horizon.
leejohnli
Level 3 Support
*
Posts: 457
Offline Offline

OS:
Windows XP Windows XP
Browser:
Firefox 3.6.10 Firefox 3.6.10


« Reply #17 on: October 06, 2010, 01:59:07 AM »

sir aeonmike, sampolan mo sir mga linux users natin panu gawin yung acl pra sa mga https sites at kung anung https sites lang ang pwede nilang ma-access. Tnx
Logged
nickeldon
Service Desk I
*
Posts: 17
Offline Offline

OS:
Windows XP Windows XP
Browser:
Firefox 3.0.10 Firefox 3.0.10


« Reply #18 on: October 06, 2010, 03:34:05 AM »

hi sir,

kaya ba i-block ang pagreceive ng files through skype?
Logged
djweng
....................
*


Gender: Male
Posts: 687
Offline Offline

OS:
Windows XP Windows XP
Browser:
Firefox 3.6.10 Firefox 3.6.10


« Reply #19 on: October 06, 2010, 03:54:46 AM »

hi sir,

kaya ba i-block ang pagreceive ng files through skype?


Hindi pa po kaya  to sir even the appliance like paloalto network dahil  proprietary encryption ang gamit nila.


Using L7 Filter

/ip firewall layer7-protocol
add name=ultrasurf regexp="^\16\03\01\00\41\01\00\00\3D\03\01"
/ip firewall mangle
add chain=prerouting action=add-dst-to-address-list protocol=tcp address-list=ultrasurf \
  address-list-timeout=0s  layer7-protocol=ultrasurf in-interface=lan dst-port=443


OR

If Ultrasurf  uses SSL (Port 443) it may be easier to deny all https sites (using squid) and set up a https Allowed list.


Mike yung layer7-protocol=ultrasurf ano to based sa filename? kung palitang ng user ang filename?
Logged
nickeldon
Service Desk I
*
Posts: 17
Offline Offline

OS:
Windows XP Windows XP
Browser:
Firefox 3.0.10 Firefox 3.0.10


« Reply #20 on: October 06, 2010, 04:06:40 AM »

hi sir,

wala na ba ibang way para i-block sa skype ang pag receive ng files?
Logged
djweng
....................
*


Gender: Male
Posts: 687
Offline Offline

OS:
Windows XP Windows XP
Browser:
Firefox 3.6.10 Firefox 3.6.10


« Reply #21 on: October 06, 2010, 04:11:32 AM »

Meron naman sir try mo via registry

HKEY_LOCAL_MACHINE\Software\Policies\Skype\Phone, DisableFileTransfer, REG_DWORD = {0,1}
Logged
nickeldon
Service Desk I
*
Posts: 17
Offline Offline

OS:
Windows XP Windows XP
Browser:
Firefox 3.0.10 Firefox 3.0.10


« Reply #22 on: October 06, 2010, 04:41:40 AM »

hi sir, na try ko na po. hindi ako nakapag transfer ng file pero nakakapagdownload pa din ako ng file mula sa ibang peers.

paano ko ibblock iyon? ang kailangan kasi dito sa opis ay to block downloading of files through skype.

thanks
Logged
arc_isles
Level 3 Support
*


Posts: 222
Offline Offline

OS:
Windows XP Windows XP
Browser:
Firefox 3.6.10 Firefox 3.6.10


« Reply #23 on: October 07, 2010, 11:18:04 AM »

magaling yang si ultrsurf exe file lang sya once nagrun bypass na yung mga policy ng internet mo even yung firewall appliance mo. to give more info  eto sir yung site. Sa china nagoriginate ito chief and sa china kasi marami bawal sa mga social networking sites kaya nadevelop. problem ko yan sa network namin heheh di ko pa natry yung L7 filter pero try ko. info ng ultra surf.

http://www.ultrareach.com/usercenter_en.htm

any suggestion that i can use pa post naman mga sir heheh...

thanks.
Logged
arc_isles
Level 3 Support
*


Posts: 222
Offline Offline

OS:
Windows XP Windows XP
Browser:
Firefox 3.6.10 Firefox 3.6.10


« Reply #24 on: October 07, 2010, 11:21:40 AM »

hi sir, na try ko na po. hindi ako nakapag transfer ng file pero nakakapagdownload pa din ako ng file mula sa ibang peers.

paano ko ibblock iyon? ang kailangan kasi dito sa opis ay to block downloading of files through skype.

thanks

chief try mo tong forum na to:

http://forum.skype.com/index.php?showtopic=43974

thanks
Logged
HansCheska™
Tumeng Ti Nuang
....................
*


Gender: Male
Posts: 613
Offline Offline

OS:
Windows 7/Server 2008 R2 Windows 7/Server 2008 R2
Browser:
Chrome 5.0.375.127 Chrome 5.0.375.127


WWW
« Reply #25 on: October 07, 2010, 06:57:12 PM »

There's always a way to stop the Ultrasurf but you need to invest some money to do it. If not then Cat and Mouse chase will prevail.

To block/filter Ultrasurf and other SSL tunnel activity. You must have the following:

1. ISA Server
2. http://www.collectivesoftware.com/Products/ClearTunnel

If you have a spare box then you can try it for 30 days.

ISA Tips/Tools/Add-Ons: http://www.isaserver.bm/


Summary of Steps to Take to Block Ultrasurf
1. At the firewall, block all outbound DNS requests to unauthorized external DNS servers – or – request the list of known Ultrasurf DNS servers and block only those. Ensure that authorized DNS traffic is allowed, including outbound traffic from your internal DNS servers to upstream DNS servers.
2. At the web filter, block docs.google.com by IP address and make sure HTTPS filtering is on.
3. At the web filter, block the Proxy category and make sure that proxy pattern detection is enabled.
4. Remove Ultrasurf cache files in user temp directories – and/or – at the firewall, block the IP ranges of problematic home computer netblocks
« Last Edit: October 07, 2010, 07:09:41 PM by HansCheska™ » Logged

Do not place your mistakes on your head. Their weight may crash you. Instead, place them under your feet and use them as a platform to view your horizon.
leejohnli
Level 3 Support
*
Posts: 457
Offline Offline

OS:
Linux (Ubuntu) Linux (Ubuntu)
Browser:
Firefox 3.6.10 Firefox 3.6.10


« Reply #26 on: October 07, 2010, 10:59:57 PM »

i doubt kung ndi mafilter ni squid ang gnyang mga proxifier app. if you configure sa squid to block SSL port and allow specific dstdomain for your https sites.
Logged
djweng
....................
*


Gender: Male
Posts: 687
Offline Offline

OS:
Windows XP Windows XP
Browser:
Firefox 3.6.10 Firefox 3.6.10


« Reply #27 on: October 07, 2010, 11:03:27 PM »

i doubt kung ndi mafilter ni squid ang gnyang mga proxifier app. if you configure sa squid to block SSL port and allow specific dstdomain for your https sites.

Why don't you try it your self Sir para malaman natin  ang solution mo.
Logged
leejohnli
Level 3 Support
*
Posts: 457
Offline Offline

OS:
Linux (Ubuntu) Linux (Ubuntu)
Browser:
Firefox 3.6.10 Firefox 3.6.10


« Reply #28 on: October 07, 2010, 11:30:31 PM »

I'm using manual proxy here. pertaining to transparent proxy bka pwede pa..sige nga itest ko na dito nacu-curious ako e..ahaha
Logged
HansCheska™
Tumeng Ti Nuang
....................
*


Gender: Male
Posts: 613
Offline Offline

OS:
Windows XP Windows XP
Browser:
MS Internet Explorer 7.0 MS Internet Explorer 7.0


WWW
« Reply #29 on: October 08, 2010, 03:27:39 AM »

Abang mode muna ako.
Logged

Do not place your mistakes on your head. Their weight may crash you. Instead, place them under your feet and use them as a platform to view your horizon.
Pages: 1 [2] 3 4 Go Up  
Send this topic Print
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.10 | SMF © 2006-2009, Simple Machines LLC

Valid XHTML 1.0! Valid CSS!
Page created in 0.057 seconds with 16 queries.