Blocking Hotspot Shield VPN

Psiphon is another hard-to-stop program. I’ll look into Astrill and Hotspot Shield, thanks for the heads up.
Psiphon has little trouble bypassing SSL inspection and layer 7 detection.

What legal reasons? I’d be surprised if there were any expectations for a large amount of effort to be done beyond standard Application/Content filtering.

I was able to block this one today using group policy and software restrictions based on exe signature. Worked well.

Government mandates that schools must provide a filtered network. While it could be argued that we do that, management disagrees when students can get straight out.

It can’t be run on our domain computers due to SRP whitelist and no admin rights for anyone. BYOD is another thing…

Yes, management often like making management-related issues into technical ones but we have to fight back against that shitty behaviour.

Yeah, I definitely agree. Unfortunately you can’t always block everything.

I will admit, it’s great that these services exist. However they really are making my job a bloody nightmare these days haha.

Apologies if this is a US sub, we’re not actually in the US so our laws are a little different unfortunately.

I think we’re going to be pushing it to catch them when they’re doing all kinds of shady shit. You can see here that they’re sending an SNI field of cloudfront.net when the dest IP is owned by EGI Hosting. So unless an Amazon service is being run on another hosting provider… Something shady is occurring here haha.
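
The SNI-versus-IP-owner mismatch described in the comment above can be checked mechanically over flow logs. This is an added example, not part of the original thread; the prefix table uses RFC 5737 documentation ranges as constructed placeholders, and the owner mapping, record fields and function names are assumptions.

```python
import ipaddress

# Constructed prefix-to-owner table (RFC 5737 documentation ranges, not real
# allocations). In practice this would come from an ASN/WHOIS dataset.
PREFIX_OWNERS = {
    "192.0.2.0/24": "Amazon",
    "198.51.100.0/24": "EGI Hosting",
    "203.0.113.0/24": "Example ISP",
}
# SNI suffixes and the network owners expected to serve them (assumption).
EXPECTED_OWNERS = {"cloudfront.net": {"Amazon"}}

_NETS = sorted(((ipaddress.ip_network(p), o) for p, o in PREFIX_OWNERS.items()),
               key=lambda item: item[0].prefixlen, reverse=True)

def owner_of(ip):
    """Longest-prefix match of an IP against the owner table."""
    addr = ipaddress.ip_address(ip)
    for net, owner in _NETS:
        if addr in net:
            return owner
    return None  # unknown owner

def expected_owners(sni):
    """Allowed owners for an SNI, matched on DNS label boundaries."""
    name = sni.lower().rstrip(".")
    for suffix, owners in EXPECTED_OWNERS.items():
        if name == suffix or name.endswith("." + suffix):
            return owners
    return None  # no expectation recorded for this name

def find_mismatches(flows):
    """Return flows whose SNI claims a provider the dest IP does not belong to."""
    hits = []
    for flow in flows:
        allowed = expected_owners(flow["sni"])
        if allowed is None:
            continue
        actual = owner_of(flow["dst_ip"])
        if actual not in allowed:  # an unknown owner is also flagged for review
            hits.append({**flow, "owner": actual})
    return hits

# Constructed sample flow records (client IP, destination IP, TLS SNI).
FLOWS = [
    {"src": "10.0.5.21", "dst_ip": "192.0.2.10", "sni": "d111abc.cloudfront.net"},
    {"src": "10.0.5.37", "dst_ip": "198.51.100.7", "sni": "cloudfront.net"},
    {"src": "10.0.5.37", "dst_ip": "203.0.113.9", "sni": "notcloudfront.net"},
    {"src": "10.0.5.40", "dst_ip": "203.0.113.50", "sni": "www.example.org"},
]
```

Only the second constructed record is flagged: its SNI claims cloudfront.net while the destination prefix maps to a different owner.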

No worries, fair assumption to make.

Thing is though, not sure how SSL MITM is going to help… What extra information would that give us? Surely it’s just going to look like cloudfront.net still?

I think the never-ending whack-a-mole is the sad reality.

We spend over 1B USD in computers and IT, SSL decryption gets expensive fast. Our current POC is iBoss, it works on the client end and we can set rules based on groups. I, teacher can get to Pinterest, students can not. If you own devices that may be an option, if BYOD I would not suggest it.