Windows Thread, Proxy bypass details in cookies in Technical; Would agree with Jona - passwords need never be stored in cookies, and its unlikely you'll find much, as the ...
2nd April 2008, 02:26 PM #16
Would agree with Jona - passwords need never be stored in cookies, and its unlikely you'll find much, as the "decision" is made at facebook/bebo etc., the proxies merely proxy cookies in the same way they do HTML.
None of the common proxy tools I have... dismantled.. come with password pinching as standard. The usual way to make money is from adwords (though its against google's ToS to do this except on the front page...).
Of course I am going to advocate use of real content filtering to block proxies, as "scare tactics" only go so far. Would still employ the old "bogeymans gunna get you" line though, as its certainly inadvisable to use a proxy in *any* scenario, and, for example, to be caught using one in a commercial/work environment is much more serious, so it is arguably a good education!
2nd April 2008, 02:28 PM #17
OK, let me make it clear - we too DO NOT allow proxies, nor the searching of, and we too have banned many, many sites.
Originally Posted by Theblacksheep
We also have prevented keyword searching.
However, youngsters being youngsters, they will find ways to circumnavigate any defence you put in place.
There is nothing to stop them utilising their own home connections to make a list, scribble it down, and bring it to school. So long as it hasn't already been blocked, or doesn't contain keywords, then it is wide open.
We found one the other day 'jeremyfones.com' or similar - who would think a site called that offered a proxy!?!?
2nd April 2008, 02:39 PM #18
And this works for you? Perhaps you can explain how you implement a content filter, and how you would ensure this worked when students access sites thru a proxy by-pass?
Originally Posted by j17sparky
The idea to "scare" them however, is a two pronged approach.
Firstly, it will stifle their desire to access proxy by-pass sites if they think the ICT Teks can then see their account details.
Secondly, it will maybe educate them for the future.
I don't hold out any hope for the latter, the former would mean an awful lot less work for us in the long run and probably work far better than any 'education' on the matter!
Anyway, over to you concerning the content filter....
2nd April 2008, 03:05 PM #19
True, but it will hopefully shock them into realising just how much information about themselves they put out there for all the world to see, which is arguably a more important lesson than making them realise that a proxy by-pass site might harvest their MySpace details.
Originally Posted by Tx2online
2nd April 2008, 03:40 PM #20
I just signed up to the mailing list of new proxies on my webmail account. It send through a list every now and then new ones which we block.
Seems to work for us. No idea why smartfilter cant do this as a company though, they seem very slow at blocking this particular type of site.
2nd April 2008, 03:49 PM #21
Yes it works. It isnt like a black-list/white-list one, it actually looks at the content of the page not just the URL. Without going into detail it just looks for key words and passes judgment on the site based on the naughty words, but also looks at common phrases wi=hcih include naughty words but in a non-naughty context ie The Naked Chef, Blue Tits
Originally Posted by Tx2online
Have a word with Tom_Newton. He works for a company called Smoothwall. Obviously he is going to sell his product but listen to him, the product works and afaik i havnt seen him telling porkies on this forum.
Heres what his product is built on, if you know your stuff on linux you could build your own. Or you could use a free proxy and mod it with Dansguardian - Smoothwall Community is an example.
DansGuardian - True Web Content Filtering for All
Last edited by j17sparky; 2nd April 2008 at 03:53 PM.
2nd April 2008, 04:02 PM #22
In all honesty I'm more concerned with them accessing a proxy by-pass site in school, on my time, when i then have to spend time sorting it out when I already have a workload that could easily employ another tech.
Originally Posted by NickJones
Whilst we all perhaps have a moral/social responsibility in respect of online safety, that is for another conversation at another time. Even if I did convince the kids to not reveal all that they do on these sites, and they followed my advice, would it stop them accessing such? Would they suddenly stop accessing anything via proxy by-pass? I doubt it...
No, my concern is stopping the proxy by-pass in the first place - I want a method that will make them think twice about doing so, and the 'shock and awe' method of them realising that their account details might be exposed in a cookie because they access these sites using a by-pass seemed a good solution - unfortunately, it doesn't seem cookies that these sites generate contain enough info to do that.
Blocking sites, banning searches on keywords, and locking user accounts is going to be a long slog i fear.
2nd April 2008, 04:19 PM #23
I had a thought, the main objection is that it could be wrong legally to snoop on the data using the privileges that are given to us by our jobs. A fairly good way around this would be to start your own proxy site and carefully disseminate the information so that the students did not know that it was the school itself.
They are then choosing to use your service that can grab details that they provide. just put an eula on the thing in really tiny writing that it may be monitored for quality control or something and you should be sorted.
Let it run for a couple of weeks then call the offending students up at assembly to receive their own passwords on a bit of paper. Shock, Awe and shame the trifecta of learning. (just kidding discression would probably be advised)
I'm sure that there it some open source software out there that would let you set up a proxy like that.
Edit: Oops, this should be in your other thread.
Last edited by SYNACK; 2nd April 2008 at 04:57 PM.
By bishopsgarthstockton in forum Links
Last Post: 7th December 2006, 12:29 PM
By ticker in forum Windows
Last Post: 24th May 2006, 10:28 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)