Company is limiting the access, how to break it?

[faye]

Hi,

My company is limiting the internet access to only outlook can download emails. And i just cannot access internet (browsing).
Of course, all cellphones are blocked from the wireless router.

So, i am thinking if i can use a router that has access point function and any devices that connect to this router will no longer require any further higher level privilege.

I know a software "Connectify" may do the job just like what i need, but weird that it says" Connectify has been blocked (by third party)" i just cannot find anything that is blocking it.

*** Best solution is to look for another Job or to open you own business.

Thread Closed.
-Jack
Super Mod.

 

[yinan]

You will not be able to do this, network access is being blocked a the firewall level.

 

[Gryz]

Theoretically, if there is just one type of application (or one type of packet) that is going through the firewall, you can get anything through. However, this requires some technical knowledge, some work, and maybe even custom software, to get it done.

But your company doesn't want you to do use the Internet. Why not go along ? If I was a manager or network admin, and I saw one of my employees intentionally go against the network policy, I'd be pissed off. I'd get your ass fired. That policy is there for a reason.

 

[dphantom]

Hi,

My company is limiting the internet access to only outlook can download emails. And i just cannot access internet (browsing).
Of course, all cellphones are blocked from the wireless router.

So, i am thinking if i can use a router that has access point function and any devices that connect to this router will no longer require any further higher level privilege.

I know a software "Connectify" may do the job just like what i need, but weird that it says" Connectify has been blocked (by third party)" i just cannot find anything that is blocking it.

No one here is going to help you break your company's network policy. Don't like it; find another place to work.

 

[PlastikSpork]

Check your PM...

 

[nickbits]

Use your phone's Internet.

 

[ichy]

Are you trying to get yourself fired?

 

[PlastikSpork]

Are you trying to get yourself fired?

Why are you so worried about his/her job? Educate him/her on how to bypass the works firewall, but then also explain why it's not a good idea and explain how he/she is going to get caught. Leave it up to the person to decide if that is really worth doing or not... Just my 2 cents.

 

[seepy83]

This should help you:
1 - Click the Start button and select Shutdown
2 - Leave your desk and exit the building
3 - Take your preferred mode of transportation back to your place of residency
4 - Turn on your personal computer
5 - Browse the internet freely

 

[Genx87]

I will make this simple. Why not save yourself the hassle of trying to circumvent your company's security policy and them having to go through the process of firing you and find a job where you can do what you want on the internet?

 

[imagoon]

Why are you so worried about his/her job? Educate him/her on how to bypass the works firewall, but then also explain why it's not a good idea and explain how he/she is going to get caught. Leave it up to the person to decide if that is really worth doing or not... Just my 2 cents.

General policy of this forum is to not work around office security devices. You are also often talking to the same people that build these systems and put them in place.

The correct answer is: Talk to IT, if they tell you to get lost, go cry a river, then follow Seepy83's solution.

 

[PlastikSpork]

General policy of this forum is to not work around office security devices. You are also often talking to the same people that build these systems and put them in place.

The correct answer is: Talk to IT, if they tell you to get lost, go cry a river, then follow Seepy83's solution.

I understand the policy, but yet why is network security such a secret? Not all network administrators are educated in every possible way to circumvent network security. If these holes are explained and discussed won't that be beneficial to those administrators that are not aware of those holes? I think this would also be beneficial for people that are trying to get employed in the IT field when they can show their prospective employer their holes in their network? I think the term for this is ethical hacking.

 

[seepy83]

I understand the policy, but yet why is network security such a secret? Not all network administrators are educated in every possible way to circumvent network security. If these holes are explained and discussed won't that be beneficial to those administrators that are not aware of those holes? I think this would also be beneficial for people that are trying to get employed in the IT field when they can show their prospective employer their holes in their network? I think the term for this is ethical hacking.

Employees trying to circumvent technical and administrative security controls are not whitehats/ethical hackers.

No good can come of this.

 

[imagoon]

I understand the policy, but yet why is network security such a secret? Not all network administrators are educated in every possible way to circumvent network security. If these holes are explained and discussed won't that be beneficial to those administrators that are not aware of those holes? I think this would also be beneficial for people that are trying to get employed in the IT field when they can show their prospective employer their holes in their network? I think the term for this is ethical hacking.

The people asking how to bypass IT policy are not ethical hackers, nor are they the IT guys looking for help with security. They are people that are looking for a way to get their facebook and youtube fix.

A more "ethical hacker" style question is:

"I am a the IT admin and I see that people are using putty to some how get to facebook, how can I enforce my company's policy better?"

not:

"Wah wah, my company uses websense, how can I survive without my youtube fix for 8 hours a day, how do I get around the policy?"

 

[PlastikSpork]

Employees trying to circumvent technical and administrative security controls are not whitehats/ethical hackers.

No good can come of this.

That's not the point I was trying to make!

 

[seepy83]

That's not the point I was trying to make!

OK...What point were you trying to make?

Network Security is not a secret. There are hundreds, if not thousands, of websites that discuss information security. There are plenty of books published on the topic. There are classes you can take to learn about every aspect of it. And you can use all of that information for good, or you can use that information for evil. Using that information to try to bypass your employer's policies is very far on the evil end of the spectrum.

 

[imagoon]

Using that information to try to bypass your employer's policies is very far on the evil end of the spectrum.

It is also incredibly easy to get caught by an admin that has at least a partial clue also.

For example, the putty tunnel thing I mentioned:

1) SSL proxy to inspect your stuff. Admins can push special certs to the workstation to even have this happen transparent to the user (unless the end user did a real good job looking at the certificates in the chain.)

2) simply drop anything not in HTTP headers over port 80 using packet inspection

3) block port 80

Change the port number to any one you want to define. IE 25 / 161 / whatever. It is generally known what should be on those ports, if the data doesn't match it can be dropped or inspected etc.

 

[Anteaus]

I'm in a similar situation at work, but I wouldn't try to bypass. It may or may not work, but if they catch you it is grounds for termination.

My recommendation is that if you really feel you need access to outside email or otherwise restricted websites you should buy a laptop or ipad with 3G service. Easier yet, just get a decent smart phone.

 

[seepy83]

My recommendation is that if you really feel you need access to outside email or otherwise restricted websites you should buy a laptop or ipad with 3G service. Easier yet, just get a decent smart phone.

If not need access to something that they're blocking, then management should approve the access and direct IT to open it up. Bringing in a device with a 3g connection and using it as a covert channel to bypass the security policy is just as bad as trying to disguise your traffic to get it through the organization's restrictions.

 

[imagoon]

If not need access to something that they're blocking, then management should approve the access and direct IT to open it up. Bringing in a device with a 3g connection and using it as a covert channel to bypass the security policy is just as bad as trying to disguise your traffic to get it through the organization's restrictions.

I personally agree with this unless it is 100% personal. IE you are streaming youtube on your phone and only your phone. IE not attaching your phone to your work laptop etc. Once it no longer affects me (IE my employer) I don't care.

 

[Anteaus]

If not need access to something that they're blocking, then management should approve the access and direct IT to open it up. Bringing in a device with a 3g connection and using it as a covert channel to bypass the security policy is just as bad as trying to disguise your traffic to get it through the organization's restrictions.

Using a personal device is not bypassing anything. If the OP wants to access personal email on a personal device, there is no wrong doing. If that's unethical then anyone that has ever checked email on a smart phone during business hours is acting inappropriately. Of course the business might have a policy of not doing things that hinder productivity, but thats an entirely different thing.

Most companies restrict internet access for various reasons, but the most likely are these:

1. Avoiding viruses by blocking things that aren't work related.

2. Protecting corporate/company interests by limiting unmonitored communications.

3. Attempting to maintain productivity by removing potential distractions.

If he OP needs something for work, I'm sure they would provide it if it was possible.