Blocking Ultrasurf 14.02



  • Hello team. I would just like to ask if we have new list of CIDR for ultrasurf 14.02. I was able to block ultrasurf until 13.04 but ultrasurf 14.02 can now connect. Thanks in advance.



  • can you provide me ip and cidr of streaming websites like vimeo and free lancing websites odesk.com



  • Think we must make a repository of CIDR's with ultrasurf lists, facebook, youtube etc, like shalalist or kind of…
    Any volunteer?



  • Do you think, guys, that such approach makes sense  ???
    Wouldn't this be an already lost battle ?

    I mean IP addresses are going to be changed on very regular basis. One will need to track it.

    My understanding of Ultrasurf is quite poor for the time being but I'm thinking that if you:

    • prevent any internet access not controlled by your local proxy, obviously not in transparent mode otherwise HTTPS is not ahndled
    • deny HTTP(S) requests to any IP address (thus making URL based on FQDN mandatory)

    then it will be much more difficult for Ultrasurf to reach its external proxies.

    Next step would be to set-up Snort so that it listens to LAN interface. With the right signature, snort should be able to implement the second stage of this control.

    For sure, this is not costless in term of resources  :(



  • @pepemagana:

    Think we must make a repository of CIDR's with ultrasurf lists, facebook, youtube etc, like shalalist or kind of…
    Any volunteer?

    There are several on the internet. Hurricane Electric amongst others.

    Do a Google search for "Facebook ASN" or "Google ASN". Check the HE result (starts with bgp.he), click on IPV4 prefixes and you'll get a list of the CIDR network ranges used.

    Unfortunately, because Youtube shares networks with Google, this method cannot be used to block Youtube without blocking Google. So you will, in this case, need to use Squid with Squidguard (or just manually enter the (sub-)domains to block).


Log in to reply