Security Basics mailing list archives

RE: bypassing proxy

From: "G. Purushotham Reddy" <GPurushotham_Reddy () symantec com>
Date: Tue, 27 Feb 2007 10:37:16 +0530

Hi 

Can I know what message your getting on webclient if your using proxy?

Check list: 

1. Check the policies of isa proxy server?
2. check the authentication mechanism of isa server?

Thanks & Regards
Purushotham Reddy 



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of nawalmiftahi () gmail com
Sent: Monday, February 26, 2007 5:27 PM
To: security-basics () securityfocus com
Subject: bypassing proxy

Hii all,
 i am a security admin with a financial instituation, there's one issue
which i would like to clarify , one of our user needs to access a
website ( a financial instituation) which he access by giving his
username and password+secureid, but the problem here is when he try to
access via a proxy (isa server) he's not able to access the above page,
and when the proxy is removed he's able to acces the page, the question
i wanted to ask you is what is the security issue if allowed by
bypassing the proxy or are there anyalternative , and if at all proxy is
bypassed , firewall is anywhere there at gateway, and all our port
blocking is at firewall and this proxy is used only for log collection
and some other stuff, 
    your early reply is highly appreciated .
                    Regards 

------------------------------------------------------------------------
---
This list is sponsored by: BigFix

If your IT fails, you're out of business - or worse.  Arm your
enterprise with BigFix, the single converged IT security and operations
engine. BigFix enables continuous discovery, assessment, remediation,
and enforcement for complex and distributed IT environments in real-time
from a single console.
Think what's next. Think BigFix. 

http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/
ITNext/
------------------------------------------------------------------------
---


---------------------------------------------------------------------------
This list is sponsored by: BigFix

If your IT fails, you're out of business - or worse.  Arm your
enterprise with BigFix, the single converged IT security and operations
engine. BigFix enables continuous discovery, assessment, remediation,
and enforcement for complex and distributed IT environments in real-time
from a single console.
Think what's next. Think BigFix.

http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/
---------------------------------------------------------------------------

Current thread:

bypassing proxy nawalmiftahi (Feb 26)
- RE: bypassing proxy Liam Downward (Feb 26)
- Re: bypassing proxy Nick Owen (Feb 26)
- <Possible follow-ups>
- RE: bypassing proxy G. Purushotham Reddy (Feb 27)