My OperaYou need to be logged in to post in the forums. If you do not have an account, please sign up first.
Blocking Opera Mini Socket
I am a System Admin at a hospital with a problem...I like Opera on the Iphone, however, we have students and nurses whom use their iphones during work hours and with the Opera browser are able to supersede all of our content filters due to the use of sockets. I've been trying to figure out what method to go about preventing this issue and need some help. What ports does the socket use? Is there any other way to filter its use other than blocking the port entirely?
Any and all help will be greatly appreciated!
Thank you!
Justin Shields
21. April 2010, 16:35:38 (edited)
Edit: I'll answer the last question myself. If you filter on content you don't have to worry about other ports.
Originally posted by thenephillim:
I am a System Admin at a hospital with a problem...
I like Opera on the Iphone, however, we have students and nurses whom use their iphones during work hours and with the Opera browser are able to supersede all of our content filters due to the use of sockets. I've been trying to figure out what method to go about preventing this issue and need some help. What ports does the socket use? Is there any other way to filter its use other than blocking the port entirely?
Any and all help will be greatly appreciated!
Thank you!
Justin Shields
Ain't we have soon here a bunch of nurses asking for connection issues
*************"Nothing great has been and nothing great can be accomplished without passion."<b> Friedrich Hegel</b>
"Concordia Parvae Res Crescunt"<b>Sallustio</b>
Since we use a content filter (SonicWall) we have many social networking sites, and "dirty" sites blocked. but since Opera Mini uses sockets the content filter doesn't see page requests, just the hits to the Opera servers....
It looks like the only thing possible to do is to block port 1080 from going out. Can someone confirm that this will cure my issue?
Oh, and just to clarify, my biggest concern is the loss of HIPAA information.
That and removing distractions for workers that are on the clock.... lol
Originally posted by thenephillim:
It looks like the only thing possible to do is to block port 1080 from going out. Can someone confirm that this will cure my issue?
No, it will not. They will switch to HTTP then. You are not going to block port 80 in that case, are you?
You need to filter by server IP address. Or filter DNS requests for domain names like *.opera.com - looks like Opera Mini uses server name rather than IP address, so it will not work if it can not resolve the server name.
Originally posted by thenephillim:
It looks like the only thing possible to do is to block port 1080 from going out. Can someone confirm that this will cure my issue?
The Mini client should switch to using HTTP if you block port 1080, but you still won't be able to do content filtering because the client still sends the request as an encrypted blob, just wrapped up in an HTTP POST. To make content filtering possible we'd have to expose the URL the user is requesting, and that would be bad.
Safari is caught by our Content Filter.