does anyone know how to bypass a proxy server that uses port 8080 and port 80 is closed??
any help would be great.
thanks,
Jordan
any help would be great.
thanks,
Jordan
how to bypass a proxy server???
- Thread starter servin247365
- Start date
yup, if it's business related, I'm sure your net. admin. will have no problems putting that url in proxy server's the exceptions list.
now if you just want to surf for any purpose, assuming anonymizer isn't blocked, you can use it.
Originally posted by: skyking
I know of a few. Every time I find a new way, I block it too
LOFL..muwahahahahaha
skyking: what do you do when you can't block the method? or have you not found one that you couldn't block yet?
i am not talking about https traffic. i am talking about someone making a vpn connection to there house and then surfing the web using a proxy server located at their house.
unless that tunnel is running on port 443 it ain't getting out.
even then an IDS sensor can recognize tunnel like activity from a normal SSL connection and shun the connection. but that gets rather sophisticated.
This feature was meant to prevent people (contractors, vendors) from using their SSL VPN concentrators at their home office. security no-no to allow this sort of thing.
even then an IDS sensor can recognize tunnel like activity from a normal SSL connection and shun the connection. but that gets rather sophisticated.
This feature was meant to prevent people (contractors, vendors) from using their SSL VPN concentrators at their home office. security no-no to allow this sort of thing.
Nothinman
Elite Member
- Sep 14, 2001
- 30,672
- 0
- 0
It's not difficult to setup your SSH server on port 443.
AFAIK you can't differentiate between a normal SSH connection and one that's got forwarding (or the new full VPN tunneling they added). Yes yo ucan see the SSH handshake because they have to exchange versions in the clear, but that's it. And you don't have to use SSH, it's just the easiest to setup IMO. There are a ton of "SSL VPNs" out there.
the only way I know is if all web traffic goes through proxy with a whitelist.
everything else gets blocked.
that might work, but it would take a while to build a decent whitelist....
even if you got through, it's always possible (probable) that only certain known ip addresses would be permitted as destinations.
Garion
Platinum Member
- Apr 23, 2001
- 2,331
- 7
- 81
Sure, there's several ways to bypass a proxy. Actually, that's a misnomer - You don't bypass it, you tunnel through it. Depending on the size of the company, you might get away with it for a while. But eventually it'll come out in the end and we'll find you.
Two things to keep in mind:
It's THEIR network. Not yours. They have every right to (and do!) log every bit of traffic that goes in and out. If you're abusing the privledge you're going to get busted. Most good proxy guys get reports of what's happening on their infrastructure each day and they tend to notice things like a bunch of CONNECT requests to "dhcp1033.phoenix.comcast.net".
Most big companies have an Acceptable Use Policy that says what you can and can't do on their network and infrastructure. Tunneling traffic that you don't want tracked is definitely a violation. If you break it, you'll get punished or fired. Is it worth it?
FYI, I run the proxy environment for one of the largest banks in the US. We pump almost 100M URL requests through each day, sometimes upwards of 250Mb/s of Internet traffic. My daily reports go straight to the security group. People get fired at least weekly for doing dumb things. We try to prevent it, but we can't stop intelligent idiots from bypassing the systems and getting themselves in trouble. Do me a favor. Don't be one of them.
If you work for my bank, I'll be watching for you. Don't tick me off and abuse my toys.
- G
Two things to keep in mind:
It's THEIR network. Not yours. They have every right to (and do!) log every bit of traffic that goes in and out. If you're abusing the privledge you're going to get busted. Most good proxy guys get reports of what's happening on their infrastructure each day and they tend to notice things like a bunch of CONNECT requests to "dhcp1033.phoenix.comcast.net".
Most big companies have an Acceptable Use Policy that says what you can and can't do on their network and infrastructure. Tunneling traffic that you don't want tracked is definitely a violation. If you break it, you'll get punished or fired. Is it worth it?
FYI, I run the proxy environment for one of the largest banks in the US. We pump almost 100M URL requests through each day, sometimes upwards of 250Mb/s of Internet traffic. My daily reports go straight to the security group. People get fired at least weekly for doing dumb things. We try to prevent it, but we can't stop intelligent idiots from bypassing the systems and getting themselves in trouble. Do me a favor. Don't be one of them.
If you work for my bank, I'll be watching for you. Don't tick me off and abuse my toys.
- G
Garion: I work for a small bank but we are both held to the same standards. By passing the proxy is not a problem or even an issue. you know like i do that the FDIC Examiners are not only concerned that this is not happening but that it is being prevented before it can become an issue.
i don't think someone with a malicious intent is going to hardly stop because of a policy or even the fear of being fired.
are these "real time reports"? I know mine are a day behind. so when we look at these reports the damage may already be done. that is kind of scary.
i don't think someone with a malicious intent is going to hardly stop because of a policy or even the fear of being fired.
are these "real time reports"? I know mine are a day behind. so when we look at these reports the damage may already be done. that is kind of scary.
Originally posted by: skyking
I also have access to the clients themselves.
That makes it a bit easier, since they forget to clear history
dude...you're so evil
RebateMonger
Elite Member
- Dec 24, 2005
- 11,586
- 0
- 0
When I was a poor, ordinary USER, I always cleared my history and my temporary files, just in case....Originally posted by: Goosemaster
dude...you're so evilOriginally posted by: skyking
I also have access to the clients themselves.
That makes it a bit easier, since they forget to clear history
On another note, this reminds me of a woman I did some work for. She was the President of a major non-profit religious-oriented company.
When I looked at her laptop at her home, she showed me a bunch of "evil" IE history files....XXXHotWomen, etc.... She demanded that I get them off there, and wanted to know how they could have possibly gotten onto her computer.
I smiled at her teenage son.....
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes + WCL Discussion Threads
- Started by Tigerick
- Replies: 22K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
-
News NVIDIA and Intel to Develop AI Infrastructure and Personal Computing Products- Started by poke01
- Replies: 404
-
Facebook
Twitter