For the typical IT administrator trying to handle end-users that are trying to get around the corporate proxy, it can be a frustrating and never-ending task. New proxy avoidance sites seem to pop up every day, so it's extremely difficult to keep a blacklist of proxy avoidance sites up to date.
This is one instance where real time dynamic rating can help. Most IP addresses used as a proxy avoidance site have live web pages at that IP address that explain how to use that IP address for proxy avoidance.
These web pages can be dynamically rated by those proxies that have the ability to do real time rating. A good engine should categorize these IP addresses as proxy avoidance sites, a classification that should be blocked in the corporate proxy. As long as you're using transparent proxy, all http should be going through the proxy regardless of the proxy IP addresses used by the end-users and blocked using policy set on the proxy itself to block access to proxy avoidance sites.
For protection against proxy avoidance, do the due diligence and make sure your corporate proxy has the best protection against proxy avoidance sites, and can detect new ones as they become available.
Welcome to the Proxy Update, your source of news and information on Proxies and their role in network security.
Friday, July 11, 2008
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment