[c-nsp] proxy anonymizer blocking

madunix at gmail.com madunix at gmail.com
Sun Jul 24 01:54:15 EDT 2011


I am currently using a squid web filter to manage access to the
Internet from office network beside ASA. I know anonymous proxies are
hard to block because they are a constant moving target with new ones
opening daily. My question is there away to test the headers of
anonymous browsing and block it.

Thanks

On Sat, Jul 23, 2011 at 11:39 PM, Scott Granados <scott at granados-llc.net> wrote:
> Oddly enough, that's the same way you secure a windows box, especially the
> turn off part.:)
>
>

>
> On Sat, 2011-07-23 at 19:56 +0300, madunix at gmail.com wrote:
>>
>> Does anyone know if there is a way to block anonymous proxy using the ASA?
>
> There are several ways. I can think of the following off the top of my
> head:
>
> - Turn off the ASA
> - Unplug all network cables from the ASA
> - Attach "deny all" access-lists to every interface.
>
> Hope this helps. :-)
>
> Joking aside, I think you need to be more specific regarding "anonymous
> proxy". For example what protocol? What is your criterion for
> "successful" blocking?
>
> --
> Peter


More information about the cisco-nsp mailing list