Hot Downloads

×

Notice

The forum is in read only mode.
Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1
  • 2

TOPIC: setting up private proxy

Re: setting up private proxy 9 years 2 weeks ago #37334

@Nevins,

I really appreciate your concern and understand the implications if i get caught. But, i dont really mind that at all for now. maybe because im part of the IT.

We get orders from management to block certain sites, but trust me they have no way knowing first who breaks policy other than me and my co-workers.

and since, we configured the word 'proxy' to block in search engines, im just wondering if making my own private proxy would bypass it.

im really not sure how it redirects before it goes to the internet, thats why im asking

Okay so lets look at this logically. Chances are your getting redirected before it even gets to the internet by your host file, dns settings and browser settings. You can likely get around the browser but adding another browser (if you are not locked out of installing new programs) and you may even be able to change the dns and host settings if not configured properly.


can you explain clearly when you say it redirects even before it gets to my host file?
and, i am able to change my dns settings.

as far as i know, we did not implement any ACL, we only use domain name blocking and some ports of it. thats why, im really wondering why cant I use my private proxy.. :/

anyhow, i appreciate your input.

Re: setting up private proxy 9 years 2 weeks ago #37336

If your site uses its own DNS server rather than the one from the ISP (which most companies do) then there is potential there to make changes within your own DNS to redirect sites you want to block to some black hole rather than letting it resolve. You can do something similar by redirecting in the hosts file which usually gets checked before DNS is invoked. You can vary the checking order by modifying the node type. Usually measures such as these will go along with policy restrictions to stop people simply undoing the settings on their PC.
Those are some of the simple ways of restricting internet access. Probably more usual is some sort of proxy with a block list, either internally managed or on subscription from an external provider. These let you block categories of sites eg no porn, no gambling etc provided the list is accurate and kept up to date.

Re: setting up private proxy 9 years 5 days ago #37380

  • Nevins
  • Nevins's Avatar
  • Offline
  • Expert Member
  • Expert Member
  • Posts: 438
  • Karma: 4
  • Thank you received: 9

Chances are your getting redirected before it even gets to the internet by your host file, dns settings and browser settings.

can you explain clearly when you say it redirects even before it gets to my host file?
and, i am able to change my dns settings.



I think you read that wrong. Packets do not get redirected BEFORE they get to the host file... they get redirected BY your host file.


Essentially your host file acts as a DNS server on your computer. Before hitting ANY other DNS server your computer checks the host file for IP addresses. Additionally you may want to note that you can bypass DNS look-ups by hosting IP addresses locally on your host file. (you can get a better ping in some video games too)
Useful Threads
================================
www.firewall.cx/forum/2-basic-concepts/3...e-resource-page.html

Re: setting up private proxy 8 years 11 months ago #37444

  • S0lo
  • S0lo's Avatar
  • Offline
  • Moderator
  • Moderator
  • Posts: 1577
  • Karma: 3
  • Thank you received: 7
pedenski, I assume here that you've setup port forwarding on your homes/ISP router for a SOCKS port (which is the protocol usually used by proxies) and setup the same port on the proxy settings of firefox at work.

To start lets isolate the problem, place wireshark on your home PC and filter only for SOCKS protocol traffic, then go to work and browse using your proxy again. When you get back home, check wireshark to see if you've got some SOCKS request packets there. If so, then the problem is probably at home. If not then the problem is at work.

An easier way is to try browsing from a friends PC (or any other none work PC). If it works then the problem is obviously at work.
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
  • Page:
  • 1
  • 2
Time to create page: 0.107 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup