A whitepaper on Proxy Abuse - Tech Learning

A whitepaper on Proxy Abuse

From SmoothWall's 2009 whitepaper Anonymous proxy servers that pass users' web requests onto other servers on the internet are becoming an increasingly pervasive problem in schools – and one that can only be prevented with intelligent filtering solutions. Anonymous proxies pose
Author:
Publish date:

From SmoothWall's 2009 whitepaper

Anonymous proxy servers that pass users' web requests onto other servers on the internet are becoming an increasingly pervasive problem in schools – and one that can only be prevented with intelligent filtering solutions. Anonymous proxies pose a problem for educational establishments that need to safely control and monitor their users' web access. For instance, students can use anonymous proxies to browse secretly and view banned online content without disclosing the URLs they visit to filtering devices. Although keyword-based filters will catch sites with 'proxy' in the title, most have legitimate-sounding names like examstudies.com . Using a web filtering solution that doesn't block proxies is the equivalent of putting a big bolt on your front door but leaving the back door wide open.

How do Students find out about Anonymous Proxies?
Try entering "unblock myspace" into Google – the results run to hundreds of thousands of sites, all offering the same thing – anonymous browsing. These 'Backdoor' URLs are passed quickly from student to student, and there are also plenty of step by step videos on YouTube showing students how they can use proxy tools to bypass school filters. These are the very skills that we don't want our children to learn in school – digital lockpicking and worldwide web breaking and entering.

Risks of Proxy Abuse
Legal risks: Although schools are not yet facing lawsuits for security breaches due to anonymous proxies, a protective parent may eventually decide to prosecute. American schools must comply with the Children's Internet Protection Act (CIPA), a federal law enacted by Congress in 2000 designed to protect children using school, college and library computers from offensive Internet content. All obscene, harmful and pornographic content must be blocked and all student web use monitored. Institutions that fail to comply risk losing e-rate funding.

Malware: Proxy sites also help malware and other web-related threats to sneak into networks undetected. SSL proxies are a particular problem since the secure tunnels used allow malicious viruses and worms to sidestep firewall and web filtering security entirely.

Phishing and password theft: Many students who use proxies are unaware of the risks to their own personal security and identity. Malicious proxy servers are capable of recording everything sent to the proxy, including unencrypted logins and passwords. Although some proxy networks claim to only use 'safe' servers, due to the 'anonymous' nature of these tools, proxy server safety is impossible to police. Students should be educated to understand that whenever they use a proxy, they risk someone "in the middle" reading their data.

Tips to prevent Proxy Abuse
-Educate teachers to recognize illicit surfing or proxy abuse and report it to the IT dept.
-Educate students about the danger of using proxies.
-Allow slightly more lenient filtering outside of core hours.
-Make sure your AUP covers anonymous proxying and that both students and teachers are familiar with its content. Make it clear that proxy abuse can be tracked to individuals.

Featured

Related

Online resource supports Web 2.0 leadership promo image

Virtualization: A Primer

While funding evaporates in these harsh economic times, virtualization benefits budgets, education, and the environment while improving security. Here are some ways to virtualize DesktopThe entire desktop environment, including the operating system, runs on a remote desktop or server. Typical

Study: Schools Vulnerable to Anonymous Proxies

A new research report issued today from Bloxx reveals that anonymous proxies, which students use to get around Web filtering controls, are still a common threat for IT professionals looking to protect students from inappropriate content and malware attacks against their networks.

Mutli-media grants to boost literacy, math skills promo image

Making Sense of the Stimulus and EdTech—A Cheat Sheet

Secretary of Education Arne Duncan last month announced that $44 billion for states and schools is now available under the American Recovery and Reinvestment Act (ARRA) of 2009. The Feds hope these monies will, “lay the foundation for a generation

Image placeholder title

CTE: A Springboard for Success

When it comes to competing for jobs or gaining admittance to two- or four-year colleges, graduation from high school is a bareminimum requirement.

Image placeholder title

Clarksville Students Excel with A+®

The Clarksville Montgomery County School System (CMCSS) in Tennessee has been using the A+nyWhere Learning System® (A+LS™) courseware from American Education Corporation since 2003.

A Beginner's Guide to School Security

While the creation of a global computer network has brought a wealth of new resources and opportunities to education, it's also opened a Pandora's box of security concerns for district technology staff and other administrators. From students downloading unauthorized software to the threat of viruses destroying

Image placeholder title

A Ning Primer

As many of our readers know, Ning.com is a web tool that allows educators to build an ad free social networking site (e.g. Facebook and MySpace are two of the most popular social networking sites) to supplement their class.  The

Freedom: A History of US

Name: Freedom: A History of US Brief Description of the Site: Based on Joy Hakim's critically acclaimed book this PBS television series come with a remarkable web site to study American history. The site follows the series sequence and is divided into "Webisodes". Access to the book and the series would be nice