Re: Risks/dangers of unauthorized web proxy

[Steve Olive <steve () bathurstcomputers com au>]

On Thursday 09 August 2007 16:47, julesgoolia () yahoo com wrote:
> Hi! I am a new security analyst and have not been exposed to the technical
> side of security.
>
> I would like to ask about the risks/dangers from unauthorized proxies. 
> Some employees in our company   install programs in their workstations to
> serve as proxy to other workstations that have not been given Internet
> access.
>
> Many thanks!

Remember that the system administrator is probably liable for any pirated or 
unauthorised software installed on computers connected to the corporate 
network. I'd recommend setting up policies and procedures to stop "anyone" 
from installing any software on corporate systems.

Look at setting up your own proxy, with filtering software, and only allowing 
the proxy server to access the Internet through your gateway/firewall.

I recommend Squid (http://www.squid-cache.org/) and SquidGuard 
(http://www.squidguard.org/) using the blacklists from Shalla 
(http://squidguard.shalla.de/shallalist.html) which can be installed easily 
as part of most Linux server distros (Ubuntu, openSUSE & Fedora are probably 
the easiest for beginners or Debian, EnGuarde Linux, Smoothwall, etc for more 
advanced users).

This will put you back in charge of the network and security.

-- 
Regards,

Steve
Bathurst Computer Solutions
URL: www.bathurstcomputers.com.au
.... _
... (0)>
... / / \
.. / / . )
.. V__/_
Linux Powered!
Registered Linux User #355382
*********************************************
"If you read the same things as others
and say the same things they say, then
you're perceived as intelligent. I'm a
bit more independent and radical and
consider intelligence the ability to
think about matters on your own and
ask a lot of skeptical questions to 
get at the real truth, not just what
you're told it is."
Apple's Inventor - Steve Wozniak 2006
*********************************************