Blocking Puffin Browser
I am hoping that someone may be able to help with this.
We had a report from a teacher that students were able to access Facebook and other blacklisted sites via managed iPads. We tested this with Safari and they could NOT access anything that was blacklisted.
Upon further investigation we found that the students were using 'Puffin Browser'. The way this browser works is;
- 1. You request a site
- 2. It loads on their server
- 3. Their server then 'projects' a Java translated version of the site to your device, via their own Proxy.
Hence bypassing the traditional security. The good side of this browser is that you can view Flash content easily on i-devices!
We have tried adding cloudmosa.com with various wildcards added to our RM filter and this has not had any effect.
Puffin is an age restricted app, 17+, so we have been thinking down the lines of using our Lightspeed system to filter out age limited packages, is this the best way or is there another way.
Opera Mini does the same thing, so watch out for that!
With Opera Mini though, we blocked their server and it just broke Opera Mini.
Cool that's good to know!
Thank you Achandler!
Watch out for this: I changed the settings on my kids' iPods to block adult rated apps, but unfortunately this some that you wouldn't necessarily expect. The "can't live without" for me at home was BBC iplayer - anything that has the potential to deliver adult content will be covered.
Originally Posted by Chris_the_mad_techy
Thank you for the info jmak! We'll have to keep thinking!!!
We have since added an array of IP adresses linked to Puffin/Cloumosa and as yet we still have not managed to block it!! We could really do with some fresh ideas!
Do you know the domains they use? Do you use your own DNS server? If so, create a forward lookup zone on your DNS server for their domain and create an A record in it that points to 127.0.0.1
Just downloaded this to have a play, and found it's blocked already here - not sure where though!
Have you read https://kb.bluecoat.com/index?page=c...B5387&actp=RSS which mentions denying their security certificate (as all their traffic is SSL'd, hence why you can't block it at URL level).
I have light speed here to, and it was blocked by my normal settings. I was testing getting flash content to the ipads and allowed their IP range through. When I discovered the proxy like behavior I blocked it again.
Three items we have ticked are, block unknown urls, filter non http by IP, and block p2p. I think puffin fell under one of these three.
I hope you get it sorted.
Block all outgoing traffic from that network segment unless it is going to your content filter.
We had the same issue and had to pass it on to SWGfL who invesgiated and then blocked it for the whole of the grid.