Vulnerability Development mailing list archives

Re: N2H2 Web Proxy/Filter appliance


From: vision () WHITEHATS COM (Max Vision)
Date: Sun, 18 Jun 2000 11:07:54 -0700


On Sun, 18 Jun 2000, Richard Hill wrote:
We have the N2H2 proxy server at our High School, mpow.  The thing is a
piece of crap, most sites that already blocked are blocked by name only,
ie. chat.yahoo.com is blocked but if do an nslookup or a ping and get its
ip address and stick that in your broswer it goes right through the proxy
server and Boom, you have your chat. Now www.playb0y.com is blocked by both,
but most new sites and less popular sites are blocked by name only. It would
be impossible to keep up  with all the ips of every site you wanted blocked
and enter them into the
pos along with the names. I called N2H2 about this little problem and they
thanked me and told me that it was now on their directors level and
there was nothing more they could help me with. As of yet I have not
seen a fix.

Good point, however they don't need to learn the IP's to block them - they
can just make sure to attempt to do reverse dns lookups on any numeric
IP's before doing their checks.  This won't catch everything, but it will
cover probably 90+% and be a very simple step for their engineers to add,
IMHO.

Max


Current thread: