Penetration Testing mailing list archives

RE: By passing surf control

From: <RMcElroy () mbe com>
Date: Wed, 25 Feb 2004 17:07:41 -0500

It depends on the system, some systems do not recognize uni code
requests for websites thereby not blocking them. You can use a web based
proxy, although if you make a rule to block those then they cannot get
to them. Also if I set up a proxy on my box at home that I could get to
I could proxy my traffic through my home box and get out that way. Also
it depends on how your web filter is configured, transparent proxing or
as a proxy server itself. There are some host based applications that
will encrypt data being sent out to the network that would allow you to
bypass as well. Hope this helps

-----Original Message-----
From: Kudakwashe Chafa-Govha [mailto:KChafa-Govha () bankunitedfla com] 
Sent: Wednesday, February 25, 2004 1:04 PM
To: 'pen-test () securityfocus com'
Subject: By passing surf control


Hello Group,


Does anyone have any information on how to by pass a web content filter?
We use Surf Control to monitor and filter web content. However, I have
one of my users who was able to by pass this. We tried using a proxy to
by pass just for testing purposes but it did not work. I am still trying
to figure out what other method he used to do so. If anyone has any
information , it will be greatly appreciated.

Thanks

Kuda

************************************************************************
**************************
The contents of this email and any attachments are confidential. It is
intended for the named recipient(s) only. If you have received this
email in error please notify the system manager or the 
sender immediately. Unless you are the intended recipient or his/her
representative 
you are not authorized to, and must not, read, copy, distribute, use or
retain this 
message or any part of it. 
************************************************************************
**************************


------------------------------------------------------------------------
---
------------------------------------------------------------------------
----


---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

By passing surf control Kudakwashe Chafa-Govha (Feb 25)
- Re: By passing surf control Dave Powell (Feb 26)
- <Possible follow-ups>
- RE: By passing surf control Lewis GySgt Richard C (Feb 25)
- RE: By passing surf control RMcElroy (Feb 25)
- RE: By passing surf control McNutt, Jacob (Feb 25)
  - Re: By passing surf control Charles Hamby (Feb 26)
    - Re: By passing surf control c3rb3r (Feb 27)
- Re: By passing surf control dotnetter (Feb 26)
- Re: By passing surf control nee cee (Feb 26)
- RE: By passing surf control McNutt, Jacob (Feb 27)
- Re: By passing surf control thomas adams (Feb 27)
- Re: By passing surf control Omar Herrera (Feb 28)