Re: SurfControl Bypass Vulnerability

[ASMDood <asmdood () NC RR COM>]

Yeah, I wrote that article.

I also found the ones mentioned below.  It seems as if the database
(encrypted or not), only acts as a reference.  No actual reverse DNS lookups
are happening and no checking further than straight text against the
database are happening.

Maybe this has something to do with the report that came out a couple of
weeks ago when it was reported that the most effective filter only works 80%
of the time.

What I *really* don't get is why one day some website like www.microsoft.com
or www.mindspring.com will be fine, and the next day (after the nightly
update) it's now being blocked as "Sexually Explicit".

Something isn't right with that picture.  Now, if they had a category for
"Mediocre Software", I'd understand it.


=========================================================
As far as I know, this, or close variations on this (ie,
0yyy.0yyy.0yyy.0yyy, or turning the whole thing into binary, removing the
dots, and reconverting to decimal, hex, etc.) work on most, if not all web
censors/filters. Reference 2600, Vol 17, #3, Fall 2000 (www.2600.com), p43.

Sean Kelly

-----Original Message-----
From: Bugtraq List [mailto:BUGTRAQ () SECURITYFOCUS COM]On Behalf Of
Witter, Franklin
Sent: Tuesday, March 20, 2001 12:07 PM
To: BUGTRAQ () SECURITYFOCUS COM
Subject: SurfControl Bypass Vulnerability