PDA

View Full Version : Is there a way to fool web security with a new domain?



Kenric
05-11-2005, 07:13 AM
I am in a bit of a dilemma. Currently, at my job the IT department decided to crackdown on internet usage and unfortunately invested in Symantec web security within the company. The result of this is my site being banned from being viewed at work because it is a flight simulation site which falls under the category of gaming due to its classification in web searches. I did everything I could to get my site reclassified however I think once my site was added to the Symantec database there is nothing I can do unless the admins manually make the site acceptable which they have refused to do. Now, I'm trying to beat the system sort of speak. Is there anyway I can move my content to a different directory in my account and alias it with a new domain name? Other than that I think I'm out of options. I hate proxy servers at the job. :cry:

torrin
05-11-2005, 07:38 AM
First of all, I don't advocate this at all. If work wants to disable your web access, you shouldn't do anything to circumvent it. That is very dangerous to your job. My advice is, "Don't do it!" Now that I got that out of the way.

What you can do depends on how Symantec web security works. If it works by banning IP addresses, you're out of luck, no matter what domain name you use. A proxy server is the only think I can think of that will work in that situation. Try to get to the IP address of that server and see where it takes you.
How familiar are you want linux (or other unix based system)? This is sort of a proxy approach, but not exactly. If you're using X-windows, you can set up an ssh tunnel to another computer. Let's say you set up a tunnel between computer 1 (home) and computer 2 (work). Basically, your web browser will be running at computer 1 but will display on computer 2. If you want to try this, reply and I'll try to find approprate documentation.

Kenric
05-11-2005, 11:33 AM
First of all, I don't advocate this at all. If work wants to disable your web access, you shouldn't do anything to circumvent it. That is very dangerous to your job. My advice is, "Don't do it!" Now that I got that out of the way.

What you can do depends on how Symantec web security works. If it works by banning IP addresses, you're out of luck, no matter what domain name you use. A proxy server is the only think I can think of that will work in that situation. Try to get to the IP address of that server and see where it takes you.
How familiar are you want linux (or other unix based system)? This is sort of a proxy approach, but not exactly. If you're using X-windows, you can set up an ssh tunnel to another computer. Let's say you set up a tunnel between computer 1 (home) and computer 2 (work). Basically, your web browser will be running at computer 1 but will display on computer 2. If you want to try this, reply and I'll try to find approprate documentation.


Actually, I think I worded that incorrectly. They are not trying to totally disable internet access but only certain categories of websites (porn, sports, games, etc.) at the job. This is mostly accomplished based on how the site is classified on the internet. Now, there are other flight simulation sites out there that I can still access at work. Probably, because their webmaster was smart enough not to register their site with as many search engines as they could through networksolutions like I did. I think Symantec actually blocks out the domain name and not the IP address although if you do put in the IP address you can not get to the site of course because the number is associated with that domain and it returns an error saying the entry causing block is flyafa.com. Since it says flyafa.com is causing the block rather than the IP address I assuming its just the domain being blocked I hope.

torrin
05-11-2005, 02:53 PM
Actually, I think I worded that incorrectly. They are not trying to totally disable internet access but only certain categories of websites (porn, sports, games, etc.) at the job.

None the less, since your site ended up on the block list, you should probably go through whatever process that is set up at your job to unblock it. If this site is crucial to your job there should be no problem. :)


I think Symantec actually blocks out the domain name and not the IP address although if you do put in the IP address you can not get to the site of course because the number is associated with that domain and it returns an error saying the entry causing block is flyafa.com. Since it says flyafa.com is causing the block rather than the IP address I assuming its just the domain being blocked I hope.

Correct me if I'm wrong, but from what you tell me, it looks like it's blocking both. In scenario 1, you typed in your domain name and that's blocked. In scenario 2, you typed in your IP address and that's blocked. As far as I know, in scenario 2, there is no lookup for the domain name, so I don't know how the blocking could be done except by IP address.