Re: [PEN-TEST] websence bypass ?

From: Beauregard, Claude Q (CQBeauregardat_private)
Date: Thu Apr 26 2001 - 08:18:09 PDT

  • Next message: Mike Kikkert: "Re: [PEN-TEST] websence bypass ?"

    Say a site like packetstorm is being blocked. Use this to bypass Websense
    security:
    
    http://www.packetstorm.securify:80
    
    Works everytime
    
    -----Original Message-----
    From: Penetration Testers [mailto:PEN-TESTat_private]On Behalf
    Of Rebecca Kastl
    Sent: Wednesday, April 25, 2001 8:37 PM
    To: PEN-TESTat_private
    Subject: Re: [PEN-TEST] websence bypass ?
    
    
    On Wed, 25 Apr 2001, francois RAYNAUD wrote:
    
    > while doing a penetration testing for my company, they ask if i could
    > test Websence, which is a url proxy filter. Does somebody has any idea
    > how to bypass it from the inside ?
    
    Packet fragmentation, use IP address instead of DNS, Internet accessible
    proxies/portals, tunneling via ssh, relaying, etc.
    
    
    --Rebecca Kastl
    



    This archive was generated by hypermail 2b30 : Thu Apr 26 2001 - 09:00:59 PDT