[K12OSN] How to block myspace.com
Mike Ely
mely at rogueriver.k12.or.us
Thu May 25 18:10:45 UTC 2006
Dan Young wrote:
> Mike Ely wrote:
>> Dan Young wrote:
>>> Sure, or go to one of a thousand different web proxies.
>>>
>> You can catch the vast majority of those with a scant few regexes tested
>> against the URL:
>>
>> (nph-proxy.[cgi|pl])
>> (nph-proxya.[cgi|pl])
>> (nph-proxyb.[cgi|pl])
>> (nph-surf.[cgi|pl])
>> (nph-one.[cgi|pl])
>> (nph-teste.[cgi|pl])
>>
>> That'll work until the kids figure out to rename the path to their
>> proxy. Then you'll have to use deeper inspection.
>
> Yeah, grep is your friend.
>
> What I was getting at is that there may be a point of diminishing
> returns, where an "arms race" will push the kids who _will_ get to where
> they want to go further underground. Then you lose your auditing
> capability. Just as an example, have you seen this?
>
> http://torpark.nfshost.com/
>
> I noted earlier that I've also seen several lately with obscured URLs,
> i.e. base64 encoding or ROT13. I ran across one today that seemed to use
> a substitution cipher, with the key embedded as part of the URL. Whee fun!
>
Absolutely. The technology to obfuscate will always win over our
blocking given a determined attacker. Supervision is key...
More information about the K12OSN
mailing list