From: Charles Hamby (fixer@gci.net)
Date: Wed Feb 25 2004 - 20:14:47 EST
Have you tried checking to see if IP address obfuscation works?
In case anyone's not familair with this...
Using http://www.amazon.com as an example. If I wanted to go there but
it was blocked, I would find out what the IP address of www.amazon.com
is (say using ping).
In this case it happens to be 207.171.181.16. I would then convert each
octet into hex individually. (207 is CF, 171 is AB, 181 is B5 and 16 is 10)
Then I would put CFABB510 into my calculator (Windows calculator works
just fine for this, by the way) and conver it to decimal again. I would
come up with 3484136720
I would open up my web browser and put in http://3484136720 and up comes
Amazon.com.
Charles Hamby
McNutt, Jacob wrote:
>SSH tunneling/port forwarding to a proxy might work if they have access to it. Also, we have a problem with AOL client browsers that can bypass Websense all together.
>
>-----Original Message-----
>From: Kudakwashe Chafa-Govha [mailto:KChafa-Govha@bankunitedfla.com]
>Sent: Wednesday, February 25, 2004 3:04 PM
>To: pen-test@securityfocus.com
>Subject: By passing surf control
>
>Hello Group,
>
>
>Does anyone have any information on how to by pass a web content filter? We use Surf Control to monitor and filter web content. However, I have one of my users who was able to by pass this. We tried using a proxy to by pass just for testing purposes but it did not work. I am still trying to figure out what other method he used to do so. If anyone has any information , it will be greatly appreciated.
>
>Thanks
>
>Kuda
>
>**************************************************************************************************
>The contents of this email and any attachments are confidential.
>It is intended for the named recipient(s) only.
>If you have received this email in error please notify the system manager or the sender immediately. Unless you are the intended recipient or his/her representative you are not authorized to, and must not, read, copy, distribute, use or retain this message or any part of it.
>**************************************************************************************************
>
>
>---------------------------------------------------------------------------
>----------------------------------------------------------------------------
>
>
>
>
>---------------------------------------------------------------------------
>----------------------------------------------------------------------------
>
>
>
>
---------------------------------------------------------------------------
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:49 EDT