Re: By passing surf control

• Previous message: wirepair: "Vulnerability Scanning"
• Maybe in reply to: Kudakwashe Chafa-Govha: "By passing surf control"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 27 Feb 2004 21:16:27 -0000
To: pen-test@securityfocus.com

>It depends on the system, some systems do not recognize uni code
>requests for websites thereby not blocking them. You can use a web based
>proxy, although if you make a rule to block those then they cannot get
>to them. Also if I set up a proxy on my box at home that I could get to
>I could proxy my traffic through my home box and get out that way. Also
>it depends on how your web filter is configured, transparent proxing or
>as a proxy server itself. There are some host based applications that
>will encrypt data being sent out to the network that would allow you to
>bypass as well. Hope this helps

Well, many web proxies are recognized by content filter controls, but how about other "common" web applications.

You were able to redirect content with yahoo some time ago, but an actual example is babelfish. How about translating a blocked web page from, let us say chinese to english... if the page is actually in english, you will see it almost intact.

Who would think of blocking a translator? Now it is clear that many online applications might be used for other purposes. Any user with some basic knowledge will get around this kind of security controls in a relatively short time(a problem with this kind of technology, rather than the tools themselves).

Regards,

Omar

---------------------------------------------------------------------------
----------------------------------------------------------------------------

• Previous message: wirepair: "Vulnerability Scanning"
• Maybe in reply to: Kudakwashe Chafa-Govha: "By passing surf control"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]