Websense bypass

hahaha... Don't think that's gonna happen :-D

I'll just split the traffic once I get the 3G Card then I don't waste my precious 1GB on google and crap :-)



Edit: Can't follow the link coz: Proxy Avoidance

hahaha
 
Maak nie saak... Baas bly slim se baas so doen jou werk en hou jou mond :-)
 
Few solutions here:

1) For all your IM needs use www.meebo.com. 90% of the time Websense will not filter it and it's not half bad, just means you need to keep a browser open to chat to friends.

2) For browsing you have 2 options. No offence intended here but I strongly doubt you have the proficiency to do either of these...Websense only looks at http requests thus if you push normal text across 80 it won't filter it and you can browse websites as normal. Essentially you just write a small program to listen for traffic on a port then forward it to port 80 as plain text. You make your browser send all requests to the previous port and thus circumvent Websense. The second and much better method would be to push all your browser traffic over an SSH tunnel as it's then encrypted and moving across port 22 so it's not filtered by Websense. To do this you'll need an SSH server somewhere and Bitvise Tunneler or Putty. Essentially Tunneler/Putty connects to the SSH server and opens up a port for it to listen t requests. You make your browser forward all requests to Putty/Tunneler and thus circumvent Websense.

Hope this helps.
 
I like the idea of the Putty one... Worked on it a bit but I'll have to read up a bit more on what you said.

Our IE connects to a Proxy that is on port 8080 (shouldn't make a diff, I think)

I'll read a bit and see what I can do.

Thanks
 
Download Your freedom at home, installed the app at work and surf anything u like...
 
renvilo said:
Like I can't get my gtalk to work and I can't get to all my pages when I google something about Visual Studio.

Before anyone goes on and on about IT blocks you coz bla bla bla... I don't really care. I'm not browsing porn so I'm fine.
Click to expand...

Gotta love these threads.

Afraid I'll have to go on about how IT blocks you blah blah

Since you are running a decent proxy content filter and you do work for a large mining company I presume they spent a lot of security and its pretty high up on their list, therefore ideas like browsing directly out or using the IP address or using anon proxy sites won't work as it will all be blocked already.

Also the firewall admin (if he's worth anything) will block all ports except only the ones needed - so chances are that ssh'ing out won't work.

Porn sites aren't the only sites that needs to be blocked - there's a bunch of others that are often blocked as well to protect the company as well as the employee. Imaging someone visiting a hate/racial site - if someone walks past and sees it and takes offence the company is liable and can be sue'd. It then has to prove that it has measures in place to protect its employees from such sites.

Most often chat clients will also be blocked to protect the company against DLP. In your case I"m sure its a priority as they would be some confidential documents floating around.

I"d also check your information security policy - just because you don't browse porn sites doesnt mean you can't get fired.

In most large corporates if you try and find ways to bypass security you will be incidented and possibly fired.

Also remember that the equipment you are using and resources you are consuming are owned by your company. They write the rules and tell you where/what you can and cannot do.

3G cards are a pain in the @$$ security wise - people install them and can then bypass all the security in the company. They then wonder why there are security incidents. User A goes home and surfs dodgy sites which are normally blocked at work, get infected by some nasty worm/malware, comes back to work and plugs back into the LAN....and bam...its all over. The whole network is infected.
 
Last edited:
gregmcc said:
Gotta love these threads.

Afraid I'll have to go on about how IT blocks you blah blah

Since you are running a decent proxy content filter and you do work for a large mining company I presume they spent a lot of security and its pretty high up on their list, therefore ideas like browsing directly out or using the IP address or using anon proxy sites won't work as it will all be blocked already.

Also the firewall admin (if he's worth anything) will block all ports except only the ones needed - so chances are that ssh'ing out won't work.

Porn sites aren't the only sites that needs to be blocked - there's a bunch of others that are often blocked as well to protect the company as well as the employee. Imaging someone visiting a hate/racial site - if someone walks past and sees it and takes offence the company is liable and can be sue'd. It then has to prove that it has measures in place to protect its employees from such sites.

Most often chat clients will also be blocked to protect the company against DLP. In your case I"m sure its a priority as they would be some confidential documents floating around.

I"d also check your information security policy - just because you don't browse porn sites doesnt mean you can't get fired.

In most large corporates if you try and find ways to bypass security you will be incidented and possibly fired.

Also remember that the equipment you are using and resources you are consuming are owned by your company. They write the rules and tell you where/what you can and cannot do.

3G cards are a pain in the @$$ security wise - people install them and can then bypass all the security in the company. They then wonder why there are security incidents. User A goes home and surfs dodgy sites which are normally blocked at work, get infected by some nasty worm/malware, comes back to work and plugs back into the LAN....and bam...its all over. The whole network is infected.
Click to expand...

+1

Very well said - that's why dodgy sites are blocked, to prevent virus/trojan infestation and downtime.

"But there's antivirus programs" you cry. Big deal. The newer batch of polymorphs doesn't get caught by current antivirus programs. And once you get a polymorph, it's a pain to get rid of.

So, financially, it makes sense to be anally retentive on what sites you're allowed and so on.

A home owner with one PC can get away with a night's downtime, spent to reinstall Windows.

But a company with 100+ PC's - it is not feasible to have all the PC's down and out - the financial implications can ruin any company (salaries still need to be paid, no work gets done, possible data loss, etc).
 
Last edited:
AV software should be the last line of defense. ALL AV software companies are struggling to detect the latest malware. From the latest figures over a million unique pieces of malware are coming out every month. Its simply not possible to analyse these fast enough - pattern files would have to be released every few seconds.

Within the next few years your going to see application white listing being used extensively. Most DLP products already have this where only abc.exe and xyz.exe are allowed to run - everything else is denied.

For corporates if there's downtime for only a few hours it can cause millions in lost revenue.
 
The_Librarian said:
+1

Very well said - that's why dodgy sites are blocked, to prevent virus/trojan infestation and downtime.

"But there's antivirus programs" you cry. Big deal. The newer batch of polymorphs doesn't get caught by current antivirus programs. And once you get a polymorph, it's a pain to get rid of.

So, financially, it makes sense to be anally retentive on what sites you're allowed and so on.

A home owner with one PC can get away with a night's downtime, spent to reinstall Windows.

But a company with 100+ PC's - it is not feasible to have all the PC's down and out - the financial implications can ruin any company (salaries still need to be paid, no work gets done, possible data loss, etc).
Click to expand...

While I don't disagree, dodgy sites are not the only source of malware. My girlfriend used a flash drive on my laptop that had a virus on (that she picked up from varsity). McAfee didn't pick it up, and then due to the st00pid policies on the computer, I couldn't remove the malware.
 
How many users actually goes home and do something on a flash drive there and bring it back to work... You said 100+ users...

Well just on our side of the company there's about 1200 people and that just our side. There's 1000's of people working here and even if just 50% did something at home (like work or just copying MP3's to a flash drive) they can infect the network and I know it's a pain if there's a virus going around... I did my fair share of admin (maybe not long as some of you but I did)

Reinstalling a server is a pain and I know that. But like that guy said his girl got it from Varsity...

I don't want to go to dodgy sites but I want to browse what and when I want. If I want to gtalk I want to gtalk. I'm all alone in my own office with my lcd not showing so no one can see.

The 3G card will only be used at my work pc coz I have DSL @ home.
 
renvilo said:
I'm all alone in my own office with my lcd not showing so no one can see.
Click to expand...
:erm:

you could try emulated mini opera, but it has its limitations or another java specific browser.
 
Last edited:
Even tho I posted earlier about ways to avoid Websense what a lot of the posters after me have said is true. It's generally there for your own protection and that of the Company/Corporation you work for.

If you absolutely have to bypass Websense in a legitimate way, consider just asking just asking the system Admin or whoever maintains it to either lift your specific IP address or give him/her a list of sites you would like to visit on a regular basis and check them for approval. Generally something like Prophecy wouldn't be too bad to lift and it's just blocked to stop people wasting time screwing around on websites.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X