FACEBOOK!

[Dukey]

Hi guys we are having a problem our students are getting on facebook and we have blocked the site we have also blocked the proxy packs they were using also stop them from changing the LAN settings using GPO but they are still finding a way on and we are out of ideas
any suggestions appreciated
thanks

[KK20]

how are you blocking it? What software are you using? Can you "monitor" (VNC et al) someone going on facebook and watch what they do? Get a "stooge" to help

Are they going directly onto facebook? Can you check the internet logs for a specific person at a time they were seen going on facebook?

[Dukey]

we use panda for our internet filtering and we do have VNC but its only set up i one computer room at the moment because that room is were it all stated, the stooge idea is a good one but i think it would be a bit costly lol. we use a program called iehv where we can see what date and time they go on the site but the problem is, is that they arnt going directly on the site via Willkommen bei Facebook | Facebook and there are many proxy packs out there i know but they only used the ones we blocked (they are 'special' kids not the brightest) but obviously brighter than us tech guys

[apoth0r]

Which ISP do you have? Would be worth getting them to monitor traffic for a while and pick up on the proxy sites being used.

[Domino]

in all honesty, you'll never be able to block all proxy sites using a blacklist.

I used to spend hours a week keeping ours up to date.

You'd do better to invest in a 'smart' filter that does page scanning, personally I can recommend Smoothwall - putting ours in solved a heap of problems and instantly made all the students hate me :-p

[rpycroft]

Hi, I've not done it for a while now, but I used to live monitor our ISA traffic to see what IP traffic was coming from, then when I saw anything that looked suspiciously like a proxy or games site I'd use Dameware Mini Remote Control (you have to pay for it but it's not a lot) to get onto that machine (you can push out the client software from your end to theirs) and see what URLs they're trying to get on. I used to sometimes see a kid trying 60 or so pages of google search results for search terms like "proxy sites"...

...good luck!

[apoth0r]

+1 for Smoothwall from me too, also perhaps using a program such as 'Terminator X' which reads the title in the window and closes if it displays a certain word 'Facebook' for example.
Annoys them to hell and they soon give up trying

[Dom_]

+1 for smoothwall

Otherwise stick a keylogger on a few machines, get a few of their username and passwords and hijack their accounts, then send a memo to be read to all kids that using proxy sites allows the proxy hosts to see your username and passwords :-)

[apoth0r]

That's sneaky sneaky Dom, but made me 'mu ha ha'

[computer_expert]

another vote for smoothwall here.

if you have a squid proxy, then you could set up the firewall to only allow traffic from the ip address of the squid box to force all traffic to go through the proxy and be logged

[tom_newton]

Domino is right - a blacklist will never keep up. Get a filter that offers Dynamic Content Analysis *and* some HTTPS scanning. Our filter is one such product - but in the spirit of fairness, there are others which are also good.

[elsiegee40]

We have RM safetynet, which while not ideal as far as I'm concerned (but then I had no say in buying it) does the proxy blocking job pretty well.

The 'New Proxy site' threads that appear on here are a good measure. Smoothwall invariably gets the lot, but Rm isn't far behind.

[ninjabeaver]

Smoothwall here as well. Well worth the small investment.

[glennda]

ours is all filtered by our lea, but its rubbish and blocks all sort of useful information and allows alot of stuff through, but setting up vnc on all machines is pretty simple, download fastpush and set it up with a text file with all pc names in and it will silently install the client on all the machines, then just watch what they are going on remotley and see whats being used to access facebook

[Tyiell]

We use Dansguardian running on Squid (on a Linux install). It has banned phrase lists and a degree of smart filters as well as the usual blacklists, allowing you to ban words like "proxy", "facebook", etc. I've never used Smoothwall or the others, but as a totally open-source alternative, I can't fault it!!

Even then though they still find ways through occasionally - the only way we have found to discourage them trying is that we check the logs and ban their accounts from the web entirely for a week if they muck about. 3 times in a row and its detention, for what its worth!