Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 1 subscriber
  • Views 7202 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Proxy Anonymizer Getting Through

trkneller
Our students have the category Anonymous Proxies blocked in v7.009, but they are still getting to a particular anonymizer:  ninjaproxy.com.

I checked this URL at Astaro's URL checker and it says it is in category: 

For V7:
http://ninjaproxy.com is in our list and categorized as Proxies & Translators

I checked the exception list, too, and didn't find anything that should allow this through. Is there a way to find out what is allowing this through?

Is there anything else I can look at to determine how this is getting through?


This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to trkneller
    This website is classified with Websense and Fortinets content filters as
    Fortinet 2.0
    The URL http://ninjaproxy.com/  is rated in FortiGuard Web Filtering 2.0, as

        * Category: Proxy Avoidance
        * Classification: Unclassified

    Websense

    ninjaproxy.com is in our list and categorized as Proxies & Translators 

    So I assume something else may be allowing it thru than?

    Try this site to see if it can help you any
    http://centralops.net/co/



    whois resolves to DNS: ns1,ns2,ns3 freeproxies.org
    ninjaproxy.com , .net, .org  are all registered and active.

    Dont know if this helps or not
  • 0 in reply to mech9122
    How does your ASG Surf Protection configuration look like, which categories are blocked?
    thx Gert
  • 0 in reply to Gert Hansen
    For our students we are blocking the following categories:

    Abortion
    Alcohol
    Anonymous Proxies
    Auctions / Classified Ads
    Banking / Home Banking
    Building / Residence / Architecture / Furniture
    Categorization Failed
    Chat
    Cinema / Television
    Cities / Regions / Countries
    Communication Services
    Computer Crime
    Computer Games
    Dating / Relationships
    Digital Postcards
    Erotic / ***
    Fashion / Cosmetics / Jewelry
    Financial Services / Investment / Insurance
    Gambling
    Humor / Comics
    Illegal Activities
    Illegal Drugs
    Investment Brokers / Stocks
    Music
    Nature / Environment / Animals
    Newsgroups / Bulletin Boards / General Discussion Sites
    Non-Governmental Organizations
    Political Extreme / Hate / Discrimination
    ****ography
    Private Homepages
    Recreational Facilities / Amusement / Theme Parks
    Religion
    SMS / Mobile Phone Accessories
    Search Engines / Web Catalogs / Portals
    Sects
    Self-Help / Addiction
    Software / Hardware / Distributors
    Sports
    Suspicious
    Swimwear / Lingerie
    Tobacco
    Uncategorized
    Vehicles / Transportation
    Violence / Extreme
    Warez / Hacking / Illegal Software
    Weapons
    Web Mail

    For our High School students we unblock the following categories:

    Art / Museums / Memorials / Monuments
    Education
    Governmental Organizations
    Literature / Books
    Restaurants / Bars
    Toys
    Health
    Job Search
    Online Shopping
    Political Parties
    General News / Newspapers / Magazines
    IT Security / IT Information
    Travel


    Our exception list does not have any reference to this ninjaproxy site or it's IP.
  • 0 in reply to trkneller
    ninjaproxy is blocked on our system ... Version 7.011.  Try creating a custom "master category" and adding anonymous proxy in, then add it to the block list, maybe something's corrupt?

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0 in reply to BrucekConvergent
    If you have your proxy as transparent it will not filter the https://ninjaproxy.com website, but if you have in in standard mode it will.  

    I know cause I just tried it.  We are using 7.010
  • 0 in reply to mninnc
    The reason for this is that http transparent mode only processes http which means tcp port 80. the url you specified uses https, means tcp port 443. 

    ASG can not yet transparently decrypt ssl encrypted connections, 
    therefore we do not redirect this port.

    if you swich to standard or authentication mode, than we can also https connections like ninjaproxy.com.

    regards
    Gert
  • 0 in reply to Gert Hansen
    trkneller have you had any luck with this?  According to the log

    /var/log/http.log:2007:10:18-07:36:57 (none) httpproxy[16692]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" srcip="an IP" user="some user" url="www.ninjaproxy.com/favicon.ico" method="GET" size="209" 


    Does this not show a fav icon for whom ever this is using an http connection?
    Anyone?
  • 0 in reply to mech9122
    Looks like you've got a good point; I can't test in transparent mode right now, but in SSO and Standard mode this is blocked.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.