The long awaited iTunes Store fix! This now allows you to go to the iTunes Store.

The original problem was caused by a malformed URL from Apple.

For the record, apple seems to thing that itunes.apple.com. is a valid URL (note the period on the end of .com?)

Anyways, the NetSentron has been adjusted to deal with malformed URL’s now.

This patch fixes an issue with the web log analyzer only going to the year 2010.

This update adds 62,337 new entries to the blacklists of the NetSentron.

NOTE: This patch takes a long time to install! Several minutes in fact.  The patch is modifying the Content Filter blacklist files and so it takes a while to go through all the files and update them. Please be patient when installing this update.

This update adds new drivers for the VIA-Rhine Chipset (network cards) and several other small updates.

NOTE: This update needs a reboot.

A recent posting on baseline magazine will give you some of the recent facebook numbers as it relates to business.
The link to the article is here:

http://www.baselinemag.com/c/a/Business-Intelligence/30-Fast-Facts-on-Facebook-at-Work-406941/?kc=EWWHNEMNL09132010STR1

We are not here to debate the merits of facebook; however, if you need to block it, I have included the instructions on how to block it using the NetSentron below. If you need a teacher, marketing department or the HR department to have access to facebook, while closing it to the rest of your network you would exempt that person or workstation from the filter.

The specific instructions on how to block facebook came from the following request:

The kids have discovered that if they go to https://www.facebook.com they can
bypasss the filter. From that point on even http://www.facebook.com and
facebook.ca is accessible. I need your help to block this.

First thing to do to block facebook is to blacklist the domains.
That would include facebook.com and facebook.ca.
That alone is not enough since kids will do all of the following:
1) Try a proxy server – they would go to another server that is not in the black list and then facebook from the proxy server.
The solution here is to block all the proxy servers. Netsentron administrators know how to do that.  There is a checkbox to block all known proxy servers.

2) They could go to another facebook site. The students could try facebook in Germany or France or??.
Now we have to block all facebook domains.
Latest exploit the kids discovered to bypass the NetSentron filter:
Go to babelfish.yahoo.com enter in www.facebook.com and choose Greek to English,
voila you have access to facebook even though it is blocked.
The fix:
Go to Filters->Content Filter
Then click on “Edit Banned URL Expressions”
Scroll down the window to the very bottom (you should probably see #(proxy) as the last
line)
Add the following line
(facebook)
Click on “Update Banned URL Expressions”
Now, anytime that facebook shows up in the URL (which it does when you do a
translation on yahoo), the site should be blocked. This works even if YAHOO.COM is in
the exception list.

3) The students in the above case used https.  It is a secure connection (like online banking) where we should not break into the middle of the online conversation. One way to fix that is to take control the proxy server.   If we break into the middle it basically creates a ‘man in the middle attack’. We don’t want to look like a hacker – our job is to stop them!

The quick way to stop all traffic to facebook servers is to stop at the source. The final resolution was generated by Darren in our office:

Go to Firewall->IP Block

Add the two following entries:

TCP 69.63.176.0/20 1:65535 DROP BOTH
TCP 66.220.144.0/20 1:65535 DROP BOTH

This will block all current IP’s owned by Facebook.

Darren

This is part of an internal post by Darren Crithley to the KDI techinican support team which I think if of real value to general public.

The kids at one of the schools are circumventing the NetSentron using this:
http://www.hotspotshield.com/

It is an installable program that becomes a proxy on their own PC and allows them to get past the NetSentron.

It is actually a VPN endpoint with a proxy that runs on your localhost (127.0.0.1)

It is using OpenVPN as a VPN client and they have set up some websites that are the endpoints. So far 68.68.108.3 and 68.68.108.4

There have been a lot of these VPN bypasses showing up of late and this one is pretty slick.

But I am able to block it, so here are the instructions for you to block it:
———————————————————————–
Go to Firewall->IP Block
Choose Protocol:udp
Source IP or network: 68.68.108.0/24
port: *
Drop Packet
Direction: In and Out bound packets
Enabled (yes)

Do the same for TCP
Choose Protocol:tcp
Source IP or network: 68.68.108.0/24
port: *
Drop Packet
Direction: In and Out bound packets
Enabled (yes)

I have probably blocked off more than I should have with the /24, but I figured that they may have a block of IP’s. You can try just the 68.68.108.3 and 68.68.108.4 (udp/tcp)
———————————————————————–

Now here is the tech part on how to figure this out if the kids are using a different product to bypass:

These bypasses are VPN’s and therefore they need to connect to “somewhere” so they can surf the net. That “somewhere” is what we will block.

If someone is not already using the bypass product, then install it on your laptop or computer.

Next, run it and connect to what should be a banned site.

Then look at the connections analysis on the NetSentron, I suspect you will see a connection to a weird port (either tcp or udp)

Stop the bypass product on the PC or laptop

Add the IP address and ALL ports to IP Block, set in and out packets.

Run bypass product again and see what shows up.

Keep doing this until you get all the IP’s

This hotspot shield was pretty slick, when I blocked all the UDP ports for it, it switched over to TCP and connected again. Once I had the tcp and udp blocked, that was the end of it (until they get another block of ip addresses)

Darren

This update adds 265,651 new entries to the blacklists of the NetSentron.

NOTE: This patch takes a long time to install! Several minutes in fact.  The patch is modifying the Content Filter blacklist files and so it takes a while to go through all the files and update them. Please be patient when installing this update.

This update adds the Advanced Firewall option to the NetSentron. This option will allow you to block all outgoing traffic unless expressly allowed by you. As it is an advanced option, we ask you to make sure you have read the instructions, also an understanding of Network Ports and Protocols is required to manage the advanced firewall.

This update adds to the blacklists of the NetSentron and updates the content filter engine.

NOTE: This patch takes a long time to install! Several minutes in fact. It is also a large patch at about 12 megs, so please try to only install it from your desktop and not across the internet. The patch is modifying the Content Filter configuration files and so it takes a while to go through all the files and update them. Please be patient when installing this update.

The following new categories are added to the blacklists:

astrology – Astrology websites
blog – Journal/Diary websites
books – Various books
celebrity – Websites about celebrities
desktopsillies – Wallpapers and other timewasting items
filehosting – Sites to do with filehosting
filesharing – Sites to do with filesharing
financial – Sites to do with finance and banking
guns – Sites to do with guns and fighting
humor – Sites to do with humor
magazines – Sites to do with Magazines and Ezines
malware – Sites known to contain Malware
manga – Sites containing Manga (Japanese cartoons)
marketingware – Sites containing internet marketing
sect – Sites containing information in sects
shopping – Sites that allow you to shop

You can examine the contents of each category by going to the Filter->Blacklists page and clicking on the link for each category.

NOTE: all new blacklists are set to disabled by default. You must choose Banned, Filtered or Exception for the new categories to take effect.

Added new auto back up feature that allows the NetSentron to automatically generate a back up file each Friday night at 11PM. (Note, on Internet Explorer, the check box will not stay checked, this is fixed in Update 3.3.0)

Fixed some other minor bugs in the NetSentron