External proxie servers designed to bypass other internal proxies.

Toggle sidebar Toggle sidebar
P

Phuz

Diamond Member
Jul 15, 2000
4,349
0
0
A guy at work was just fired (along with others) for using a local proxie server at work, to bypass our company proxie server.
This allowed him access to anything he wanted.
Apparently, this proxie server was designed for the sole purpose of bypassing company/corporate proxies in the work place.

How would something like this work?
How would the network allow access to an external proxie without verifying the content?

I find this stuff interesting. Can anyone enlighten me?

 
K

KingNothing

Diamond Member
Apr 6, 2002
7,141
1
0
Poor network security is all it was. I've seen plenty of places where turning off the proxy let you go wherever you wanted. *shrug*
 
P

Phuz

Diamond Member
Jul 15, 2000
4,349
0
0
No, the company proxie HAS to be put in for any internet access period, even interal stuff. If you turn it off, you get nothing.
So, if you take that out, and input a local proxie from outside of the building... you gain full internet access inside and outside the firewall/proxie etc.

How does that work?
 
D

Double Trouble

Elite Member
Oct 9, 1999
9,270
103
106
There's one way for that to work, and that is to use an external encrypted proxy. Basically, you go through the 'real' company proxy to get to an encrypted external site. The data stream between your PC and the external site is encrypted from that point forward, the company proxy can only 'see' encrypted data, it has no clue what's going through there. Then, you could browse through the external proxy. Lets say you want to visit anandtech.com.... the external proxy would connect to AT, grab the data/page, encrypt it, and send it through to your machine. All the while, your company proxy doesn't have a clue what's going on, other than that there's a stream of enctrypted data going through, which is usually enough to raise some flags anyway.
 
B

bmacd

Lifer
Jan 15, 2001
10,869
1
0
Originally posted by: tagej
There's one way for that to work, and that is to use an external encrypted proxy. Basically, you go through the 'real' company proxy to get to an encrypted external site. The data stream between your PC and the external site is encrypted from that point forward, the company proxy can only 'see' encrypted data, it has no clue what's going through there. Then, you could browse through the external proxy. Lets say you want to visit anandtech.com.... the external proxy would connect to AT, grab the data/page, encrypt it, and send it through to your machine. All the while, your company proxy doesn't have a clue what's going on, other than that there's a stream of enctrypted data going through, which is usually enough to raise some flags anyway.
Click to expand...

Is this a similar process to visiting the-cloak.com?

-=bmacd=-
 
P

Phuz

Diamond Member
Jul 15, 2000
4,349
0
0
Originally posted by: tagej
There's one way for that to work, and that is to use an external encrypted proxy. Basically, you go through the 'real' company proxy to get to an encrypted external site. The data stream between your PC and the external site is encrypted from that point forward, the company proxy can only 'see' encrypted data, it has no clue what's going through there. Then, you could browse through the external proxy. Lets say you want to visit anandtech.com.... the external proxy would connect to AT, grab the data/page, encrypt it, and send it through to your machine. All the while, your company proxy doesn't have a clue what's going on, other than that there's a stream of enctrypted data going through, which is usually enough to raise some flags anyway.
Click to expand...

Thats brilliant! Basic networking I'm sure, but I find it really neat. I found it strange that the 'IT' people weren't aware of the situation until they were informed by the individuals supervisor. I mean, they have over 500 computers to maintain.

I'm surprised they didn't get flagged by simply seeing so much access on the same IP... but then again, IT only gets a dollar more an hour than we do.. so I can understand their lack of motivation. ;)
 
Geekbabe

Geekbabe

Moderator Emeritus<br>Elite Member
Oct 16, 1999
32,229
2,539
126
www.theshoppinqueen.com
Originally posted by: bmacd
Originally posted by: tagej
There's one way for that to work, and that is to use an external encrypted proxy. Basically, you go through the 'real' company proxy to get to an encrypted external site. The data stream between your PC and the external site is encrypted from that point forward, the company proxy can only 'see' encrypted data, it has no clue what's going through there. Then, you could browse through the external proxy. Lets say you want to visit anandtech.com.... the external proxy would connect to AT, grab the data/page, encrypt it, and send it through to your machine. All the while, your company proxy doesn't have a clue what's going on, other than that there's a stream of enctrypted data going through, which is usually enough to raise some flags anyway.
Click to expand...

Is this a similar process to visiting the-cloak.com?

-=bmacd=-
Click to expand...


most places with a decent IT staff block proxies like that via their web filtering software
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom