Author Topic: Block Ultra Surf  (Read 5334 times)

robb

  • Guest
Re: Block Ultra Surf
« Reply #15 on: September 11, 2012, 08:58:13 am »
If it would be sufficient to use explicit proxy, then I would be very interested in the set of rules necessary to get the result of actually blocking a service like UltraSurf. (Or any similar service)

christian

  • Guest
Re: Block Ultra Surf
« Reply #16 on: September 11, 2012, 09:35:24 am »
Explicit proxy is not enough to block Ultrasurf but it permits to:
- deny access to "plain text URL" using HTTPS (which is not feasible using transparent proxy)
- implement in parallel Squid ACL preventing to reach IP based URLs

As far as I understand, if you implement only IP based ACL, bypass using plain text HTTPS URL will still be feasible isn't it?
Or I might be wrong too  :-[