I have opened up a call ticket with Fortinet on this issue as creating regex strings defeats the purpose of having categories. I cannot see any way - other then creating regex strings or blocking web translators - of blocking this bypass methodology.
I am however quite new to the version 4 code so I am posing the question to the community. Is there a way in the version 4 code ( I am using build 192) that I can selectively block these attempts based on the web filtering settings in the policy that the traffic takes.
Here are some examples of successful defeats of my web filtering policies:
http://translate.google.com/translate?js=y&prev=_t&hl=en&ie=UTF-8&layout=1&eotf=1&u=facebook.com&sl=es&tl=en
http://www.microsofttranslator.com/bv.aspx?ref=Internal&from=&to=en&a=youtube.com
http://babelfish.yahoo.com/translate_url?doit=done&tt=url&intl=1&fr=bf-home&trurl=http%3A%2F%2Fyoutube.com&lp=nl_en&btnTrUrl=Translate
http://fets3.freetranslation.com/?Url=http%3A%2F%2Fwww.facebook.com&Language=Spanish%2FEnglish&Sequence=core
http://www.systranlinks.com/trans?systran_lp=xx_en&systran_id=http://www.appliedlanguage.com/&systran_url=http%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DPM20B53bNUQ|feature%3Dpopular
What is really interesting is that during school hours, I blackhole dns requests for youtube and yet, using these translators, you would never know it was verboten. By the way, if I were a student, my money would be on Microsoft.
Victor