International Business Times (IBT) recently reported that “Many young people are turning to proxy servers to get round their school’s internet security systems to access banned websites, including social networks and gaming sites.”
This concern was also raised in our recent “Notes on E-Security Development” blog.
Majority of schools and educational institutions in developed countries are investing in sophisticated security solutions to help protect their internet resources. However, by using public proxy sites students are able to bypass security solutions and disguise their inappropriate activity from being detected.
When a proxy server is used a student will appear to be visiting only one site, the proxy itself, and not the blocked or banned target site. Any internet surfing they do after that is effectively invisible.
IBT also states that the number of public proxy sites has increased dramatically over the past few years. In 2006 M86 Security estimated the number of proxy sites to be 7,111. By 2009 the new estimate had risen to an amazing 91,490.
Using proxy sites to access blocked sites puts both the schools and the students at risk. The schools are at risk because the virus ridden proxy sites can contaminate their entire network and enables students to access the blocked sites already deemed as high risk. Students (and teachers for that matter) can personally suffer if a proxy site hosts malware, such as a trojan. Once a trojan has spread to computers, hackers can access them remotely and steal data, log keystrokes, and thus easily grab personal passwords and credit card numbers.
So what to do then? A spokesman for JANET, which carries data traffic between many local school networks in the United Kingdom, said: “I would agree that using proxy servers to get around security systems is indeed a problem. Technical solutions need to be used as one aspect of a wider approach to protecting users, including educating children, teachers, and parents in how to use the web safely.”
Education is certainly the key but it is also important to make the most out of security and monitoring solutions. Yes, it is impossible to effectively identify and manage all the 91,490 proxy sites out there. However, you might find that out of those 91,490 around 20-40 are commonly used and shared among the students at a specific school. Many public proxies use IP addresses (as opposed to site names) to avoid easy detection, so a spike in a certain IP address could be an indication that it is a popular proxy site.
Read our “How to Improve Public Proxy Management and Control” blog for tips on detecting public proxy usage.
See also:
- How to Improve Public Proxy Management and Control
- Another Reason Organizations Should Avoid Excessive Internet Blocking
- Notes on E-Security Development
- Who should take the responsibility for Adolescent Cyber Bullying?
- Business benefits from monitoring and reporting on Internet, email and network log files
Had configure SQUID for Windows. I was a linux guru back in the old days until such time when SQUID was released to support Windows and an office consult me of setting up their web proxy cache I tried using this and it’s awesome. In my page I’ve put step by step configuration on Windows with scripting on squid.conf on how to block sites like streaming,porn sites and block port.