Skip to main content

bypassing websense without proxy use???

More
17 years 1 week ago #20339 by sahirh
Hmmm... is the URL blocked (tor.eff.org), because that's only required to download the software (which you can get from other mirrors).

I don't know how they would be blocking every node... shouldn't be possible AFAIK.

Cheers,

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
More
17 years 1 week ago #20341 by Smurf
It would depend on how it worked. Normally Websense will map all the hosts that it can connect through to as they analys stuff like that. Didn't actually realise it was downloadable software.

It wouldn't supprise me if they had mapped all the endpoints though.

Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
More
17 years 1 week ago #20367 by sahirh
It would be impossible to add all the endpoints to the tor network since the network topology is dynamically created. In essence everyone can be a tor node.

Think of it like P2P, distributed transacting which ensures that no particular host can be identified as the origin or source of the data.

In fact, the whole idea of tor (and onion routing in general) was to address this issue. It was initially put together by the US Navy to allow dissidents in China to bypass the 'great firewall of China'.

Cheers,

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
More
17 years 1 week ago #20369 by Smurf
It would depend on how the protocol tunnels through the network. If the Websense Network Agent is installed on whatever server its going through, then as long as a UserAgent or some other identifyable factors are used to indicate the tunnelled traffic, it will be blocked.

Websense has the "Proxy Avoidence" category in its URL Database to stop access to the online ones that are through a web browser.

Websense also has the "Proxy Avoidence" category in its Protocol Database to stop anything from either using specific ports or tunnelling traffic. I would probably guess that its blocked in the Protocol Database.

Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
More
17 years 1 week ago #20399 by sahirh
Well it would essentially look like random encrypted traffic to a random IP address... the identifying information is usually stripped by a program like privoxy or proxomitron.

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
More
16 years 2 months ago #24807 by omggnesha
Replied by omggnesha on topic try...
serve2.kproxy.com

the url scheme stopped working at my school because of the abundance of use. but it might work for you. its pretty chill.
Time to create page: 0.152 seconds