<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<br>
-----BEGIN PGP SIGNED MESSAGE----- <br>
Hash: SHA256 <br>
<br>
Transparent DNS interception is more reliable technics, but requires
some advanced things. Including continious support.<br>
<br>
And also this will not proof against browser anti-proxy plugins.<br>
<br>
BTW, gents, we are talking about advanced internet users - Hola,
Browsec, FriGate, ZenMate etc.- already invented. And they CAN'T be
blocked with HTTP/HTTPS proxy.<br>
<br>
To block this bypass solution you need advanced
infrastructure/experienced network admin.<br>
<br>
19.05.15 0:25, Dwayne Hottinger пишет:<br>
<span style="white-space: pre;">> There is a way to use an
internal dns server to redirect all google<br>
> searches to their safe search google. This does help with
inappropriate<br>
> images and searches that maybe quesionable. Just 'google'
dns safesearch.<br>
> You should get a few hits. Im currently doing this and it
works very well.<br>
><br>
> On Mon, May 18, 2015 at 2:21 PM, Rafael Akchurin <<br>
> <a class="moz-txt-link-abbreviated" href="mailto:rafael.akchurin@diladele.com">rafael.akchurin@diladele.com</a>> wrote:<br>
><br>
>> Hello Andres,<br>
>><br>
>><br>
>><br>
>> N.B. Please take my answer with a huge grain of salt.<br>
>><br>
>><br>
>><br>
>> The google images search returns image results
(thumbnails) as inline<br>
>> base 64 encoded images in the CSS. Selectively blocking
them with any URL<br>
>> redirector will not work. It is possible to completely
block google images<br>
>> but I assume this is not the way to follow for a school
where a lot of<br>
>> pupil projects need access to the image search results.<br>
>><br>
>><br>
>><br>
>> Our current recommend the strategy for blocking explicit
search results<br>
>> for schools are (please note you must be doing SSL
decryption for this to<br>
>> work!):<br>
>><br>
>><br>
>><br>
>> - enforce Safe Search for Google. In this way proxy adds
some special<br>
>> parameter to URL and some HTTP header to all outgoing
requests to google<br>
>> servers asking it to show only safe images. Unfortunately
this sometime<br>
>> misses quite offensive images as no safe search is safe
enough.<br>
>><br>
>><br>
>><br>
>> - add keyword filtering to filter results of image search
as it also<br>
>> contains some textual description of images and their
original URLs that<br>
>> greatly improves detection rate. Some possible
overblocking definitely will<br>
>> occur.<br>
>><br>
>><br>
>><br>
>> - add image tone detection filtering to the mix (works
only for JPEGs for<br>
>> now and higly experimental) :(<br>
>><br>
>><br>
>><br>
>> In order to do that you need to integrate a content
scanning server with<br>
>> your Squid – as possible variant consider taking a look
at what we develop<br>
>> exactly for this purpose (search google for qlproxy ICAP
– please note it<br>
>> is a commercial product).<br>
>><br>
>><br>
>><br>
>> Other choices are DansGuardian as parent proxy and<br>
>> SquidGuard/ufdbGuard/other redirectors.<br>
>><br>
>> I hope some other members of the list can explain how to
do what your<br>
>> require with these.<br>
>><br>
>><br>
>><br>
>> Best regards,<br>
>><br>
>> Rafael<br>
>><br>
>><br>
>><br>
>><br>
>><br>
>> *From:* squid-users
[<a class="moz-txt-link-freetext" href="mailto:squid-users-bounces@lists.squid-cache.org">mailto:squid-users-bounces@lists.squid-cache.org</a>] *On<br>
>> Behalf Of *Andres Granados<br>
>> *Sent:* Monday, May 18, 2015 7:50 PM<br>
>> *To:* <a class="moz-txt-link-abbreviated" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a><br>
>> *Subject:* [squid-users] block inappropriate images of
google<br>
>><br>
>><br>
>><br>
>> hello!<br>
>><br>
>> I need help on how to block pornographic images of
google, I was trying<br>
>> different options and still do not succeed, try:
http_reply_access with<br>
>> request_header_add, and even with a configuration dns, I
think is to<br>
>> request_header_add the best, though not it has worked for
me, I hope your<br>
>> help, is to implement a school, thanks!<br>
>><br>
>> _______________________________________________<br>
>> squid-users mailing list<br>
>> <a class="moz-txt-link-abbreviated" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a><br>
>> <a class="moz-txt-link-freetext" href="http://lists.squid-cache.org/listinfo/squid-users">http://lists.squid-cache.org/listinfo/squid-users</a><br>
>><br>
>><br>
><br>
><br>
><br>
><br>
> _______________________________________________<br>
> squid-users mailing list<br>
> <a class="moz-txt-link-abbreviated" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a><br>
> <a class="moz-txt-link-freetext" href="http://lists.squid-cache.org/listinfo/squid-users">http://lists.squid-cache.org/listinfo/squid-users</a></span><br>
<br>
-----BEGIN PGP SIGNATURE-----
<br>
Version: GnuPG v2
<br>
<br>
iQEcBAEBCAAGBQJVWi/AAAoJENNXIZxhPexG73UIAI2HY2WgJDoz9/TaJmrVv0HR
<br>
hjFqjv2lvy1wpIs5MBTeyOkwIMjbDsnuU24cKpuOIXxyTJFZD6MRhR5MKT3PFhMX
<br>
SvPOvkxhTHvMKKs0G2vYuFD+vvLYdxY5dIg2HZ0Jui7cb7dvlwf8l67prPZvBIZL
<br>
Mh9UpLmqa7OrRd6T17EzaR0sv7tC2h1zA5AlbNDlIn/4ee2MHyn4aiL13hFHgoYe
<br>
N326TEx7PSb2IHwDkZqIbhcRHShUQC8RxsLr0vTLpiiNTFtAoaECLOQt9435+XZt
<br>
vDjHnIt3A7kkME5+f2FpMw5GNhPwFDr7Nb0MlxxRxMJQUQMhZ6xab3mdUenIsf4=
<br>
=taCf
<br>
-----END PGP SIGNATURE-----
<br>
<br>
</body>
</html>