URL Filter DB and URL Filter DB Guard Rumi, January 14, 2012January 14, 2012 Together, URLfilterDB and ufdbGuard offer a unique set of features, all aimed at protecting your private network and reducing network bandwidth usage. These features include: URL filtering Advertisements blocking HTTPS proxy tunnel protection Blocking adult images produced by search engines Controlling HTTPS usage URL filtering There are three methods available to block unwanted web content: Content scanning: this method blocks access to web pages based on the occurrence of “bad” words in the content. Artificial intelligence: a variant on content scanning, intended to render more accurate results. Blacklists: this method blocks access to web pages based on their being listed in a website category to be blocked. URLfilterDB uses the last method as the fastest and most accurate method for URL filtering available. Navigate to our product comparison page to find out why and how using a blacklist filtering method makes URLfilterDB superior to competitor’s products. Blocked content categories URLfilterDB blocks up to 24 categories of unwanted web content: Advertisements Adult & sexually explicit Audio & video Chat Dating & Personals Drugs Entertainment External Applications Finance & Investment Forums Gambling Games Hacking & Warez Jobs News Peer-to-peer (P2P) Shops Sports Toolbars Travel Violence & Hate Web Proxies & Tunnels Weblogs & private sites Web-based email Generally, "consumer websites" like chat, news, forums, webmail etc. have a large quantity of advertisements (also known as "banners"). These consume a lot of network bandwidth. A study at a large university showed that MSN and Yahoo webmail were quite popular with the network users. From the top-25 of URLs that were processed by the web proxy, the #1 was an MSN banner, #2 was a Yahoo ad, and a total of 11 URLs were advertisements. In total, 44% of the bandwidth was consumed by mostly advertisements! As these advertisements can generally not be cached (i.e. temporarily stored on the web proxy to increase browsing speed and reduce bandwidth usage), all advertisement contents are retrieved from the web server each time they are accessed, consuming bandwidth whenever they are displayed. Blocking advertisements Advertisements can take various forms, such as popup windows, tracking URLs, and tracking cookies. The URLfilterDB advertisement category includes URLs to block these techniques. URLfilterDB uses a large list of known advertisement URLs to block advertisements. You may opt to block any advertisements on a site, while still allowing access to the site itself. The benefits are twofold: you save on your bandwidth and employees spend less time looking at and following advertisements. HTTPS proxy tunnel protection HTTPS is a protocol that implements a strong encryption layer around the HTTP protocol. Data sent across the Internet using HTTPS is secure and cannot be decrypted and read by any eavesdropper. This makes HTTPS a useful protocol for secure online transactions. Unfortunately, the HTTPS protocol also poses a security risk. As it encrypts all data sent between a client and a webserver, antivirus software cannot read the data exchanged to detect any viruses. HTTPS can also be used to set up a so-called "proxy tunnel" between a workstation on a protected network and any system on the Internet, thus opening up your network for unlimited and unauthorized data and document transfer. These proxy tunnels can also be used with reverse port forwarding (using SSH) to build an unauthorized connection from any system on the Internet into a protected network. Setting up a communication channel between an insecure environment and a private network is fairly easy. Most proxy server products (Squid, Netcache, iPlanet, etc.) do not guard against these proxy tunnels. Also, firewalls offer no protection against proxy tunnels. ufdbGuard helps to protect you network against proxy tunnels by probing URLs that use HTTPS! Blocking adult images produced by search engines Searching for images with search engines like Google, Yahoo, and MSN may allow users to view adult images. These cannot be blocked in a simple way, since it would be undesirable to block all images from a search engine. Several search engines offer a safe-search* feature, which blocks most adult images. Setting the safe-search parameter in ufdbGuard enforces the safe-search policies of these search engines. The default value for the parameter is ON. The safe-search feature enforces safe searches for the following search engines: A9, Alltheweb, Ask, BuscaMundo, Dogpile, Excite, Foxnews, Google, Hotbot, Infospace, Live, Lycos, Metacrawler, Metaspy, MSN, Webcrawler, Webfetch, ya.com, Yahoo. Controlling HTTPS usage Usually, websites that use HTTPS for legitimate reasons use a signed SSL certificate and a fully qualified domain name for maximum security and a clear identification of the website. In contrast, untrustworthy websites that use HTTPS will use self-signed SSL certificates and an IP address instead of a domain name. Therefore, ufdbGuard can be configured to control access to HTTPS websites using 2 settings: enforce-https-with-hostname enforce-https-official-certificate By default, these settings are set to “ON” in the ufdbGuard.conf file. We recommend to keep these settings. In case that a legitimate website uses an IP address in the URL, or an SSL certificate that is not signed by a trusted authority, just add this site to the locally trusted websites. Daily updates To keep the database with URLs to be blocked up to date, ufdbGuard has a feature to recognize URLs that are not yet part of the URL database. These URLs are uploaded to be included the next day's URL database. Src: http://www.urlfilterdb.com/products/overview.html Application squidurlfilter