Bugtraq mailing list archives
Re: Bypassing website filter in SonicWall
From: Robert Bihlmeyer <robbe () orcus priv at>
Date: Wed, 30 Oct 2002 14:12:27 +0100 (CET)
Marc Ruef <marc.ruef () computec ch> writes:
I found a little weakness in SonicWall: I turn on the blocking mechanism for websites (e.g. www.google.com). Now I can't reach the website using the domainname. But if I choose the IP address of the host (e.g. http://216.239.53.101/), I can contact the forbidden website.
This should probably be documented better. This feature relies only on the HTTP/1.0+ Host field, nothing else (like the connection's destination). It's mainly useful when you want to block one virtual hosts, not a whole machine potentially hosting thousands of them. If you want to block a whole machine, go with the firewall rules. You lose the stylish blocking page, though...
It would make sense if you can do an internal nslookup.
Probably. But this interface isn't for people blocking more than a handful of domains, anyway. For a small number it's still viable to enter both names & numbers. -- Robbe
Current thread:
- Bypassing website filter in SonicWall Marc Ruef (Oct 29)
- Re: Bypassing website filter in SonicWall Kurt Seifried (Oct 29)
- Re: Bypassing website filter in SonicWall Robert Bihlmeyer (Oct 31)