RE: Browse Web Freely

["Drumm, Daniel" <dgdrumm () bf umich edu>]

I'd be interested in reading the research done at Brown on this. 

To my mind, if somebody sets up an open HTTPS proxy, and gives you the
IP address of it, it's probably going to work. Content filters such as
Websense and Surfcontrol are parsing the HTTP request and for HTTPS they
are looking at the DNS lookup. If you bypass that by using an IP address
directly, it's likely to work. 

Try these guys: http://www.the-cloak.com/anonymous-surfing-faq.html
The trick is, you need to set up a static resolution to the-cloak.com
proxy into your local hosts file.
 

-----Original Message-----
From: Sadler, Connie [mailto:Connie_Sadler () Brown edu] 
Sent: Wednesday, April 05, 2006 4:07 PM
To: PCSC Information Services; Crispin Yuen
Cc: security-basics () securityfocus com
Subject: RE: Browse Web Freely

 
There is truly no way to surf the web anonymously. Here at Brown, much
research is being done on this, but there is *no* failsafe way to do it
today.

And I totally agree with what the person below wrote! If you need
something in order to work, you can get access. Otherwise, simply go
there at home - or from a library, etc.

Connie

-----Original Message-----
From: PCSC Information Services [mailto:info () pcsage biz] 
Sent: Tuesday, April 04, 2006 9:03 PM
To: Crispin Yuen
Cc: security-basics () securityfocus com
Subject: Re: Browse Web Freely

Hi Crispin,

I don't mean to harp at you, because this has already been done by other
list members. While I can understand that you are looking to help your
friend it's not really in her best interests to bypass network security
controls while at work. If your friend legitimately needs access to
sites that may fall under the auspices of content filtering or some
other control of network resources it is up to her to bring the subject
to her manager and explain how the current policies interfere with her
job function.
On the other hand, if your friend is just trying to surf on the
company's dime, I would ask, if you were the company owner, and you
ensured that all the bills were paid (including your friend's
salary/wages) would you feel okay about her wasting productivity time
AND bandwidth cost for her own personal reasons?

IT policies are developed and implemented to maximize a company's
network resources and minimize costs, casual use of the internet does
not usually fall within these policies, except for with forward looking
companies that choose to take care of their workers, and provide a free
station or two and uninhibited wireless in employee lounges or other
break areas. Usually, even in these enlightened cases there stands a
general policy about using the net only on breaks, and not to unbridled
excess.

Sincerely,

Sean Swayze
PCSC Information Services


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------