Security Basics mailing list archives
RE: Browse Web Freely
From: "Drumm, Daniel" <dgdrumm () bf umich edu>
Date: Thu, 6 Apr 2006 16:55:21 -0400
I'd be interested in reading the research done at Brown on this. To my mind, if somebody sets up an open HTTPS proxy, and gives you the IP address of it, it's probably going to work. Content filters such as Websense and Surfcontrol are parsing the HTTP request and for HTTPS they are looking at the DNS lookup. If you bypass that by using an IP address directly, it's likely to work. Try these guys: http://www.the-cloak.com/anonymous-surfing-faq.html The trick is, you need to set up a static resolution to the-cloak.com proxy into your local hosts file. -----Original Message----- From: Sadler, Connie [mailto:Connie_Sadler () Brown edu] Sent: Wednesday, April 05, 2006 4:07 PM To: PCSC Information Services; Crispin Yuen Cc: security-basics () securityfocus com Subject: RE: Browse Web Freely There is truly no way to surf the web anonymously. Here at Brown, much research is being done on this, but there is *no* failsafe way to do it today. And I totally agree with what the person below wrote! If you need something in order to work, you can get access. Otherwise, simply go there at home - or from a library, etc. Connie -----Original Message----- From: PCSC Information Services [mailto:info () pcsage biz] Sent: Tuesday, April 04, 2006 9:03 PM To: Crispin Yuen Cc: security-basics () securityfocus com Subject: Re: Browse Web Freely Hi Crispin, I don't mean to harp at you, because this has already been done by other list members. While I can understand that you are looking to help your friend it's not really in her best interests to bypass network security controls while at work. If your friend legitimately needs access to sites that may fall under the auspices of content filtering or some other control of network resources it is up to her to bring the subject to her manager and explain how the current policies interfere with her job function. On the other hand, if your friend is just trying to surf on the company's dime, I would ask, if you were the company owner, and you ensured that all the bills were paid (including your friend's salary/wages) would you feel okay about her wasting productivity time AND bandwidth cost for her own personal reasons? IT policies are developed and implemented to maximize a company's network resources and minimize costs, casual use of the internet does not usually fall within these policies, except for with forward looking companies that choose to take care of their workers, and provide a free station or two and uninhibited wireless in employee lounges or other break areas. Usually, even in these enlightened cases there stands a general policy about using the net only on breaks, and not to unbridled excess. Sincerely, Sean Swayze PCSC Information Services --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- RE: Browse Web Freely c.s.wright (Apr 04)
- <Possible follow-ups>
- RE: Browse Web Freely Sadler, Connie (Apr 06)
- RE: Browse Web Freely Drumm, Daniel (Apr 07)