Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: By passing surf control
From: Omar Herrera <oherrera () prodigy net mx>
Date: 27 Feb 2004 21:16:27 -0000

In-Reply-To: <84493B06BD47C141A94192546BCC41AC0363EF22 () njrarsvr058b GMS COM>



It depends on the system, some systems do not recognize uni code
requests for websites thereby not blocking them. You can use a web based
proxy, although if you make a rule to block those then they cannot get
to them. Also if I set up a proxy on my box at home that I could get to
I could proxy my traffic through my home box and get out that way. Also
it depends on how your web filter is configured, transparent proxing or
as a proxy server itself. There are some host based applications that
will encrypt data being sent out to the network that would allow you to
bypass as well. Hope this helps

Well, many web proxies are recognized by content filter controls, but how about other "common" web applications. 

You were able to redirect content with yahoo some time ago, but an actual example is babelfish. How about translating a 
blocked web page from, let us say chinese to english... if the page is actually in english, you will see it almost 
intact. 

Who would think of blocking a translator? Now it is clear that many online applications might be used for other 
purposes. Any user with some basic knowledge will get around this kind of security controls in a relatively short 
time(a problem with this kind of technology, rather than the tools themselves).

Regards,

Omar


---------------------------------------------------------------------------
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault