Question

Locked

blocking proxy through group policy

By troyreynolds ·
Here within our campus environment, we have an issue with users running local proxy servers in order to bypass the content filter/firewall. In an attempt to stop this activity, there is a GP in place to prevent the user from editing the proxy settings in the internet options. This works great if the user is the one editing the settings, but what we have discovered is that they are using a program (or several, as it seems) that are on flash drives.

These programs appear to run a script that eliminates the need for any interface in order to change to the settings it needs. Simply "greying out" or removing the "connections" tab in internet options is not preventing this.

I have even explored registry "hacks" but the settings for IE and the internet options are all located in the user areas of the registry, and the limited accounts are unable to modify the registry, and attempting to modify it from an Admin account is difficult to do for other users.

This conversation is currently closed to new comments.

4 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Try forcing a proxy connection to a University run Proxy Server. {NT}

by SKDTech In reply to blocking proxy through gr ...
Collapse -

use own proxy

by El_Duce In reply to blocking proxy through gr ...

set up your own proxy and deny access to internet except from through your proxy.

Collapse -

Question....

by ---TK--- In reply to blocking proxy through gr ...

what kind of proxy are you using?

Couple thoughts... if they are Local, such as with in your LAN, you could statically assign their MAC address to an IP, and add an ACL rule to deny that IP from accessing anything.

Or you could disable the users Domain accounts, because they are abusing the universities policies.

Or you could add their MAC address as a server in your domain, create a script that anytime that server is turned on force the server to shutdown.

Or you could disable their USB ports...

Its a dirty game of cat and mouse, Personally, I would get your managers approval to hack the hackers...

LOL, your a domain admin, you have root priv. Look into these tools and use your imagination... http://technet.microsoft.com/en-us/sysinternals/bb545027.aspx
especially at the PS tools. :) have fun!

Back to Networks Forum
4 total posts (Page 1 of 1)  

Related Discussions

Related Forums