Rebecca, Without doing any penetration at all, users inside a corporate environment with Websense running can access a site that "caches" pages--such as http://www.google.com and display blocked sites. --PierreVB > -----Original Message----- > From: Rebecca Kastl [mailto:rkastlat_private] > Sent: Wednesday, April 25, 2001 8:37 PM > To: PEN-TESTat_private > Subject: Re: [PEN-TEST] websence bypass ? > > > On Wed, 25 Apr 2001, francois RAYNAUD wrote: > > > while doing a penetration testing for my company, they ask > if i could > > test Websence, which is a url proxy filter. Does somebody > has any idea > > how to bypass it from the inside ? > > Packet fragmentation, use IP address instead of DNS, Internet > accessible > proxies/portals, tunneling via ssh, relaying, etc. > > > --Rebecca Kastl >
This archive was generated by hypermail 2b30 : Thu Apr 26 2001 - 14:26:07 PDT