RE: [Full-Disclosure] Proxies

From: adam.richards (adam.richards_at_wnonline.net)
Date: 10/31/03

  • Next message: Peter Moody: "Re: [Full-Disclosure] Re: Gates: 'You don't need perfect code' for good security" 
    To: <full-disclosure@lists.netsys.com>
Date: Fri, 31 Oct 2003 16:18:47 -0600

    Users can also setup a hotmail account and email themselves links to
    site. Then log into hot and click there link. As most of you know that
    hotmail will open the website within itself and to any logs/traffic it
    looks like there surfing on hotmail.

    -----Original Message-----
    From: full-disclosure-admin@lists.netsys.com
    [mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of Richard
    Spiers
    Sent: Friday, October 31, 2003 2:48 PM
    To: full-disclosure@lists.netsys.com
    Subject: Re: [Full-Disclosure] Proxies

    ----- Original Message -----
    From: "Ben Nelson" <venom@venom600.org>
    To: "Earl Keyser" <Earl.Keyser@wayzata.k12.mn.us>
    Cc: <full-disclosure@lists.netsys.com>
    Sent: Friday, October 31, 2003 8:06 PM
    Subject: Re: [Full-Disclosure] Proxies

    > only understands HTTP (to prevent other services from being tunneled
    > over port 80), you should be good to go.

    That isn't going to stop other services from being tunneled over port
    80. There quite a few ways to do this. See Firepass. It is a tunneling
    tool, allowing one to bypass firewall restrictions and encapsulate data
    flows inside legal ones that use HTTP POST requests. TCP or UDP based
    protocols may be tunneled with Firepass

    http://www.gray-world.net/pr_firepass.shtml

    and no, I don't work for them, I don't know them, and I have no
    commercial interest in advertising this freeware product ;p View it as
    proof of concept ;p

    What exactly are you trying to stop these students from doing? Is there
    a problem with them visiting certain sites, or using certain services or
    bandwith restricitions etc?

    Thanks
    Richard Spiers

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Peter Moody: "Re: [Full-Disclosure] Re: Gates: 'You don't need perfect code' for good security"

    Relevant Pages

    • Re: Day 2 no hotmail mystery
      ... spoke witha Charter Com phone tech. ... The tech told me that Charter had been working on the ... had a problem with the secure websites and I never had experienced Hotmail ... The thing here is that it seems that Vista can go around this issue better ...
      (microsoft.public.windowsxp.general)
    • Re: OE receives mail but doesnt send
      ... We have sent out many E-mails to Yahoo, Hotmail, ... One possibility that no-one has mentioned as yet - have Charter been ... of spam being received. ...
      (alt.sys.pc-clone.dell)
    • [Full-Disclosure] SPOOFED HOTMAIL ADDRESS --- http://www.security-hotmail.com/
      ... http://www.security-hotmail.com/ not pretending to be hotmail but still ... Full-Disclosure - We believe in it. ... Charter: http://lists.netsys.com/full-disclosure-charter.html ...
      (Full-Disclosure)