Re: [PEN-TEST] websence bypass ?

From: Rebecca Kastl (rkastlat_private)
Date: Wed Apr 25 2001 - 17:37:25 PDT

Next message: Joseph Nicholas Yarbrough: "[PEN-TEST] "Intercept""

Previous message: Russ Spooner: "Re: [PEN-TEST] Anyone got a DHCP spoofer?"
In reply to: francois RAYNAUD: "[PEN-TEST] websence bypass ?"
Next in thread: Beauregard, Claude Q: "Re: [PEN-TEST] websence bypass ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 25 Apr 2001, francois RAYNAUD wrote:

> while doing a penetration testing for my company, they ask if i could
> test Websence, which is a url proxy filter. Does somebody has any idea
> how to bypass it from the inside ?

Packet fragmentation, use IP address instead of DNS, Internet accessible
proxies/portals, tunneling via ssh, relaying, etc.

--Rebecca Kastl

Next message: Joseph Nicholas Yarbrough: "[PEN-TEST] "Intercept""
Previous message: Russ Spooner: "Re: [PEN-TEST] Anyone got a DHCP spoofer?"
In reply to: francois RAYNAUD: "[PEN-TEST] websence bypass ?"
Next in thread: Beauregard, Claude Q: "Re: [PEN-TEST] websence bypass ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Apr 26 2001 - 08:13:18 PDT