Websense

[qwertyaas]

Question regarding filter services such as Websense. In my office they have Websense deployed and some sites can be used via https:// to bypass the filter. Since I drive to work and traffic and weather sites are blocked, I would like to get on these sites before I leave work to check the best route home.

Question is, can it still be detected if I am visiting these sites? I don't really want them to find out I am going around the filter if they can detect it.

 

[n0cmonkey]

Get a smartphone.

 

[MedicBob]

Get a EVDO/3g, etc. modem for your personal laptop.

 

[SecPro]

Question is, can it still be detected if I am visiting these sites? I don't really want them to find out I am going around the filter if they can detect it.

Then here's an idea: Don't go around the filter.

 

[qwertyaas]

Simple enough. Although it had nothing to do with content but just going around policy. I still have no idea why traffic and weather websites would be filtered when most of the office commutes with a car.

 

[n0cmonkey]

It seems like a stupid policy. Ask why it is blocked, might be interesting. Not worth losing a job over.

 

[qwertyaas]

Originally posted by: n0cmonkey
It seems like a stupid policy. Ask why it is blocked, might be interesting. Not worth losing a job over.

Many asked. They said they are 'updating' the policies and should be unblocking those types of sites... At some point. I don't think they will take disciplinary action unless you actually try to bypass that filter and go to really inappropriate sites. But I try not to cross IT staff in companies. They know how to have some fun

 

[SecPro]

Originally posted by: qwertyaas
Simple enough. Although it had nothing to do with content but just going around policy. I still have no idea why traffic and weather websites would be filtered when most of the office commutes with a car.

Sites have a history of malware, being hacked and loaded with other malicious code, loads a lot cookies, SPAM . . . . this list goes on.

 

[WobbleWobble]

They very likely will have records of the server IPs you hit, so yes they can figure out where you've been going. And don't put an external connection on your work laptop.

And policies are usually or should be set by management, not IT. IT just implements them.

 

[seepy83]

Originally posted by: WobbleWobble
And policies are usually or should be set by management, not IT. IT just implements them.

Most Executives don't have a clue when it comes to IT, and rely heavily on recommendations of their IT staff (whether it be a CIO, CTO, IT Manager, Network Administrator, etc). If the executives where I work were responsible for IT policy, we would probably be running a DSL Connection and Linksys router because they just don't have a clue.

 

[WobbleWobble]

Originally posted by: seepy83

Most Executives don't have a clue when it comes to IT, and rely heavily on recommendations of their IT staff (whether it be a CIO, CTO, IT Manager, Network Administrator, etc). If the executives where I work were responsible for IT policy, we would probably be running a DSL Connection and Linksys router because they just don't have a clue.

Choosing sites to block like Facebook, online banking, online shopping etc. are not a technical issues and should not be decided by IT. IT can provide reports to management to say how much time they calculate is wasted but at the end of the day, it's management that should be making that decision.

 

[seepy83]

Originally posted by: WobbleWobble

Originally posted by: seepy83

Most Executives don't have a clue when it comes to IT, and rely heavily on recommendations of their IT staff (whether it be a CIO, CTO, IT Manager, Network Administrator, etc). If the executives where I work were responsible for IT policy, we would probably be running a DSL Connection and Linksys router because they just don't have a clue.

Choosing sites to block like Facebook, online banking, online shopping etc. are not a technical issues and should not be decided by IT. IT can provide reports to management to say how much time they calculate is wasted but at the end of the day, it's management that should be making that decision.

I'm not saying that IT should have carte blanche in implementing these types of policies. What I'm saying is that there should be someone in IT that is advocating things (such as websites being blocked) because it is in the best interest of the organization, and executives outside of the IT arena often don't understand why these sites should or should not be blocked.

In some cases, blocking certain websites absolutely is a technical issue...it should not only be driven by management because they are concerned with productivity.

 

[SecPro]

Originally posted by: seepy83

Originally posted by: WobbleWobble

Originally posted by: seepy83

Most Executives don't have a clue when it comes to IT, and rely heavily on recommendations of their IT staff (whether it be a CIO, CTO, IT Manager, Network Administrator, etc). If the executives where I work were responsible for IT policy, we would probably be running a DSL Connection and Linksys router because they just don't have a clue.

Choosing sites to block like Facebook, online banking, online shopping etc. are not a technical issues and should not be decided by IT. IT can provide reports to management to say how much time they calculate is wasted but at the end of the day, it's management that should be making that decision.

I'm not saying that IT should have carte blanche in implementing these types of policies. What I'm saying is that there should be someone in IT that is advocating things (such as websites being blocked) because it is in the best interest of the organization, and executives outside of the IT arena often don't understand why these sites should or should not be blocked.

In some cases, blocking certain websites absolutely is a technical issue...it should not only be driven by management because they are concerned with productivity.

I think what you are both trying to say is that it should be a joint effort between management, IT and IT security. There are the technical, security issues I talked about in a previous post. There may be IT issues such as bandwidth or other service issues that arise and there may be management issues such as deciding how much opportunity to waste time on Facebook, E-bay, etc. does management want to allow. In a perfect world no single one of these functions should be making these decisions in a vacuum.

Of course if one function is going to make these decisions Security is obviously the one most capable of doing so.

 

[qwertyaas]

I agree that certain sites should be blocked. Although a simple site such as weather.com or traffic.com in which many people ask to be unblocked and IT agrees, but they don't want to bring it up with the higher ups to change the policy.

But fair enough. It is why I asked. I don't want to go against the policy and will not. I have not and will not even try a proxy to visit sites either. I just know https:// is a sort of loophole of Websense.

 

[Tbirdkid]

if websense was setup correctly, yes, everything, and i mean everything is logged. it really depends on how websense is deployed. my usual practice when deploying it is to monitor everything because just about every business cio or head person wants to see where everyone has been, and the most visited sites. whether or not you use https, http, it doesnt matter. they just havent blocked the whole domain when they setup websense. any time you setup a websense there are at least two entries for each site, the secure one, and the regular one (https and http)

Hope this helped.

Im with everyone else, get a phone that you can use as a modem, or get a smartphone of some sort...

 

[Oakenfold]

Question regarding filter services such as Websense. In my office they have Websense deployed and some sites can be used via https:// to bypass the filter. Since I drive to work and traffic and weather sites are blocked, I would like to get on these sites before I leave work to check the best route home.

Question is, can it still be detected if I am visiting these sites? I don't really want them to find out I am going around the filter if they can detect it.

Yes it can be detected. Your Internet use policy is there for a reason, so is Websense. Don't circumnavigate the control. Is your job worth losing over browsing a website? If it is, then by all means go ahead and browse...

 

[SolMiester]

Question regarding filter services such as Websense. In my office they have Websense deployed and some sites can be used via https:// to bypass the filter. Since I drive to work and traffic and weather sites are blocked, I would like to get on these sites before I leave work to check the best route home.

Question is, can it still be detected if I am visiting these sites? I don't really want them to find out I am going around the filter if they can detect it.

Hi, the log files have details of ALL sites visited, whether allowed or not...AFAIK, least I hope they do, we are looking at trialling it...or maybe just going through goggle!

 

[imported_NoGodForMe]

All sites visited are stored in a DNS log, the admin can check it. Now, there is a way around this, and I do it here at work. It's called a tunnelier, I go through the fire wall on port 443 to a proxy set up at home. Many talk about setting up a home proxy, but very few actually tell how to do it. Well, I can show you how to set it up. On Firefox, I set my DNS to the proxy, so it's not logged here at the company. That means I can surf any site I want, stream music, and the DNS is coming from the proxy. The IT guys know I do it and look the other way because I know them. The key is whether you can install programs on your PC. They're usually locked down, and you need admin rights. Get an excuse for some program you need installed. The admin will usually set full rights on your PC and leave it.

Page 2 of this thread has the directions.
http://www.tribalwar.com/forums/showthread.php?t=466675&highlight=tunnelier&page=2
And no, I don't need to hear threats from people saying I'm going to lose my job. If you look at the dates on the thread, you'll notice it's from 2007, and I'm still here. Enjoy.

 

[LS8]

Netbook + mobile broadband.

You're telling me www.wunderground.com is blocked? Somehow I doubt that.

Anyway, yes, your IT people can see where you're going. They can see all traffic - ALL traffic.

 

[LS8]

All sites visited are stored in a DNS log, the admin can check it. Now, there is a way around this, and I do it here at work. It's called a tunnelier, I go through the fire wall on port 443 to a proxy set up at home. Many talk about setting up a home proxy, but very few actually tell how to do it. Well, I can show you how to set it up. On Firefox, I set my DNS to the proxy, so it's not logged here at the company. That means I can surf any site I want, stream music, and the DNS is coming from the proxy. The IT guys know I do it and look the other way because I know them. The key is whether you can install programs on your PC. They're usually locked down, and you need admin rights. Get an excuse for some program you need installed. The admin will usually set full rights on your PC and leave it.

Page 2 of this thread has the directions.
http://www.tribalwar.com/forums/showthread.php?t=466675&highlight=tunnelier&page=2
And no, I don't need to hear threats from people saying I'm going to lose my job. If you look at the dates on the thread, you'll notice it's from 2007, and I'm still here. Enjoy.

This is one way around it BUT if your company actually has an IT security department and people watching traffic and tuning network devices they will find out and don't be surprised if you're fired when they do - no offense, I've seen it happen at several companies.

 

[FDF12389]

Netbook + mobile broadband.

You're telling me www.wunderground.com is blocked? Somehow I doubt that.

Anyway, yes, your IT people can see where you're going. They can see all traffic - ALL traffic.

I just turned on all categories on our test subnet, and was still able to hit that site, just an FYI OP.