PxPixel
A whitepaper on Proxy Abuse - Tech Learning

A whitepaper on Proxy Abuse

From SmoothWall's 2009 whitepaper Anonymous proxy servers that pass users' web requests onto other servers on the internet are becoming an increasingly pervasive problem in schools – and one that can only be prevented with intelligent filtering solutions. Anonymous proxies pose
Author:
Publish date:

From SmoothWall's 2009 whitepaper

Anonymous proxy servers that pass users' web requests onto other servers on the internet are becoming an increasingly pervasive problem in schools – and one that can only be prevented with intelligent filtering solutions. Anonymous proxies pose a problem for educational establishments that need to safely control and monitor their users' web access. For instance, students can use anonymous proxies to browse secretly and view banned online content without disclosing the URLs they visit to filtering devices. Although keyword-based filters will catch sites with 'proxy' in the title, most have legitimate-sounding names like examstudies.com . Using a web filtering solution that doesn't block proxies is the equivalent of putting a big bolt on your front door but leaving the back door wide open.

How do Students find out about Anonymous Proxies?
Try entering "unblock myspace" into Google – the results run to hundreds of thousands of sites, all offering the same thing – anonymous browsing. These 'Backdoor' URLs are passed quickly from student to student, and there are also plenty of step by step videos on YouTube showing students how they can use proxy tools to bypass school filters. These are the very skills that we don't want our children to learn in school – digital lockpicking and worldwide web breaking and entering.

Risks of Proxy Abuse
Legal risks: Although schools are not yet facing lawsuits for security breaches due to anonymous proxies, a protective parent may eventually decide to prosecute. American schools must comply with the Children's Internet Protection Act (CIPA), a federal law enacted by Congress in 2000 designed to protect children using school, college and library computers from offensive Internet content. All obscene, harmful and pornographic content must be blocked and all student web use monitored. Institutions that fail to comply risk losing e-rate funding.

Malware: Proxy sites also help malware and other web-related threats to sneak into networks undetected. SSL proxies are a particular problem since the secure tunnels used allow malicious viruses and worms to sidestep firewall and web filtering security entirely.

Phishing and password theft: Many students who use proxies are unaware of the risks to their own personal security and identity. Malicious proxy servers are capable of recording everything sent to the proxy, including unencrypted logins and passwords. Although some proxy networks claim to only use 'safe' servers, due to the 'anonymous' nature of these tools, proxy server safety is impossible to police. Students should be educated to understand that whenever they use a proxy, they risk someone "in the middle" reading their data.

Tips to prevent Proxy Abuse
-Educate teachers to recognize illicit surfing or proxy abuse and report it to the IT dept.
-Educate students about the danger of using proxies.
-Allow slightly more lenient filtering outside of core hours.
-Make sure your AUP covers anonymous proxying and that both students and teachers are familiar with its content. Make it clear that proxy abuse can be tracked to individuals.

Featured

Related

Online resource supports Web 2.0 leadership promo image

Virtualization: A Primer

While funding evaporates in these harsh economic times, virtualization benefits budgets, education, and the environment while improving security. Here are some ways to virtualize DesktopThe entire desktop environment, including the operating system, runs on a remote desktop or server. Typical

Study: Schools Vulnerable to Anonymous Proxies

A new research report issued today from Bloxx reveals that anonymous proxies, which students use to get around Web filtering controls, are still a common threat for IT professionals looking to protect students from inappropriate content and malware attacks against their networks.

Mutli-media grants to boost literacy, math skills promo image

Making Sense of the Stimulus and EdTech—A Cheat Sheet

Secretary of Education Arne Duncan last month announced that $44 billion for states and schools is now available under the American Recovery and Reinvestment Act (ARRA) of 2009. The Feds hope these monies will, “lay the foundation for a generation

Image placeholder title

CTE: A Springboard for Success

When it comes to competing for jobs or gaining admittance to two- or four-year colleges, graduation from high school is a bareminimum requirement.

Virtualization: A Primer

While funding evaporates in these harsh economic times, virtualization benefits budgets, education, and the environment while improving security. Here are some ways to virtualize DesktopThe entire desktop environment, including the operating system, runs on a remote desktop or server. Typical

A Beginner's Guide to School Security

While the creation of a global computer network has brought a wealth of new resources and opportunities to education, it's also opened a Pandora's box of security concerns for district technology staff and other administrators. From students downloading unauthorized software to the threat of viruses destroying

Cyber Security: A Survival Guide

Districts everywhere recognize that their growing mountain of information provides significant potential for improving educational outcomes and administrative efficiency-but also for mischief, disruption, and malice. So, how do we protect ourselves? Heads nod when we suggest the increasing importance of careful