Bugtraq mailing list archives
Re: SurfControl Bypass Vulnerability
From: Don Weber <Don () AIRLINK COM>
Date: Wed, 21 Mar 2001 14:42:06 -0800
Is this with a particular version? I tried it and as usual it lets me 'bypass' the first time but not any subsequent attempts, and if I use the octal format on one computer, a second or any subsequent computers will NOT get to the site.

-----Original Message-----
From: Bugtraq List [mailto:BUGTRAQ () SECURITYFOCUS COM]On Behalf Of Witter, Franklin
Sent: Tuesday, March 20, 2001 10:07 AM
To: BUGTRAQ () SECURITYFOCUS COM
Subject: SurfControl Bypass Vulnerability

It appears that there is yet another way to bypass the site blocking feature of SurfControl for MS Proxy.

Our configuration:

We have set up our rules to deny access to anyone attempting to reach sites classified as Adult/Sexually Explicit, Hacking, etc. That would mean that anyone trying to reach www.blockedsite.com would normally be denied access to the site.

The workaround:

1. First, do an nslookup on www.blockedsite.com to get the IP address of the site -- xxx.xxx.xxx.xxx
2. Next, convert each octet to an octal number using the Windows calculator -- yyy.yyy.yyy.yyy
3. Insert eight (8) leading zeros in the first and third octets and seven (7) leading zeros in the second and fourth octets -- 00000000yyy.0000000yyy.00000000yyy.0000000yyy
4. Type the modified octets into your browser's address bar and, voilà!, you are successfully bypassing the SurfControl filter.

I have contacted SurfControl about this but have had no response. If anyone has any suggestions for correcting this vulnerability, please let me know.

Franklin Witter
Network Security Specialist II
252-246-3546
fax: 252-246-3463
e-mail: FWitter () BBandT com
Current thread:
- SurfControl Bypass Vulnerability Witter, Franklin (Mar 21)
- Re: SurfControl Bypass Vulnerability skelly (Mar 22)
- Re: SurfControl Bypass Vulnerability Don Weber (Mar 22)
- <Possible follow-ups>
- Re: SurfControl Bypass Vulnerability Witter, Franklin (Mar 22)
- Re: SurfControl Bypass Vulnerability Chris St. Clair (Mar 22)
- Re: SurfControl Bypass Vulnerability Darren Reed (Mar 23)
- Re: SurfControl Bypass Vulnerability Paul Cardon (Mar 23)
- Re: SurfControl Bypass Vulnerability Dan Harkless (Mar 25)
- Re: SurfControl Bypass Vulnerability Ben Ford (Mar 26)
- Re: SurfControl Bypass Vulnerability Valdis Kletnieks (Mar 26)
- Re: SurfControl Bypass Vulnerability c0ncept (Mar 26)
- Re: SurfControl Bypass Vulnerability Ryan Russell (Mar 26)
- Re: SurfControl Bypass Vulnerability Darren Reed (Mar 23)