Websense

[Archangel-Amael]

This isn't the sentiment I would expect from this forum. I don't know his exact circumstances, only that he is requesting help in bypassing a proxy filter.

In that case he was given several examples of what to do.

In my job of pen-testing, this is the first thing I do when I'm on-site. I don't want their IT people snooping on my browsing or seeing what tools I'm downloading.

As such that is apart of your job. We would expect these types of actions.

If I asked this very question I would hope to get an answer, not legal posturing and discouragement.

He did and well you even gave one as well.

I mean, he already said his superior has no problem with him bypassing it.

No I am afraid that is not exactly what he said. For reference here it is again.

Im not gonna loose my job by looking at remote exploit forum i work in 'it' and my boss has no problem with us browsing the net when its quite etc it just something thats is implemented 'above us' they like to waste money and be 'in control' so to speak - you'll prob here of this alot more though its getting quite popular ..oh and i found this both interesting and amusing

The first part is "Im not gonna loose my job by looking at remote exploit forum.." is only his opinion nothing more. The "my boss has no problem with us browsing the net when its quite etc..." How are we to know or his boss for that matter what all websites he is looking at. And the consequences they could have on other things. Yeah, you and I know slim to none but that may not be the upper management view or else it would not be black-listed.
Then there is the whole tone of "they like to waste money and be 'in control'..." bit, this sounds to me like someone as streaker69 pointed out as young and potentially just starting off in some sort of career. Now with as he mentioned the economy, what would be a better thing to do, a leave r-e alone until he gets permission. Or B. lose it due to some stupid rule violation about one website?

I understand your sentiments williamc, but I would expect someone that is a pro, not to support the same ideas that a user potentially misusing company resources, is not the best interest of the company.

[streaker69]

Was just after some info or greater knowlegde, think some people are staying up too late or getting old or both, i work hard in work and from time to time i browse the net, tell u what though some lazy bstrds do sod all most of the day`and are better payed so i'll b buggered if i work non stop. if we use ultra vnc for troubleshooting users remotely wouldn't think a connection to my home pc would stand out.

Regardless of how hard you work, if your company has a computer usage policy and if you've agreed to that policy when you started working there, you should not be bypassing their controls that are in place.

But hey, that's your choice, because most of the time, people doing such things eventually get caught, and get fired. NetAdmins have the responsibility of looking for people violating the rules, and they would be at fault if they didn't report people violating policies.

[webtrol]

When reading this subject I started to wonder how many security systems are compromised by well meaning people.

[streaker69]

When reading this subject I started to wonder how many security systems are compromised by well meaning people.

Lots. "Well Intentioned people" can be the bane of our existence. Users seem to think that policies are put in place just to annoy them, and they fail to see that most policies are there to keep the network safe.

[Archangel-Amael]

Lots. "Well Intentioned people" can be the bane of our existence. Users seem to think that policies are put in place just to annoy them, and they fail to see that most policies are there to keep the network safe.

Absolutely, I would have to agree.
And not only the network but the company it's self, their customers, and the "all mighty bottom line" or profits. I guess streaker some of these types of thought processes do come with time/age.

[streaker69]

Absolutely, I would have to agree.
And not only the network but the company it's self, their customers, and the "all mighty bottom line" or profits. I guess streaker some of these types of thought processes do come with time/age.

Time/Age yes, but also with your responsibilities as well. When you're the one that's gotta fix the stuff that well intentioned Lusers break, then you try to mitigate what they can break.

Of course, then you get the Lusers that try to pass blame for their own idiocy on someone else. I'm sure you've heard it, they claim that the Admins should have protected them better and it's the admins fault that they went to a site in at www.fsckmehrd.ru and executed some nasty 0day on themselves. Even though they found some method of bypassing the controls that were in place.

I've played this cat & mouse game with one user at my site, he's no longer working for us either.

[theprez98]

...they went to a site in at www.fsckmehrd.ru and executed some nasty 0day...

Sorry, 'www.fsckmehrd.ru' does not exist or is not available.
Did You Mean: real estate, fsck mehrd

[streaker69]

Sorry, 'www.fsckmehrd.ru' does not exist or is not available.
Did You Mean: real estate, fsck mehrd

Yes, yes I did.

[thorin]

Anyway it has started tightening up on what people view and blocking more and more and lo and behold it has blocked Remote exploit forums

So i installed logmein which is a remote desktop style server client on my laptop at home and left it on. I then logged into it from work and there i was on my home laptop, i clicked my explorer icon and voila remote exploit forum access. Now in work we use WINVNC to trouble shoot user problems etc so im gonna set this up (i personaly havent used it) anyways i was suprised to see that there was nothing found under 'websense' on the forums ie no one else has had similar trouble - so any 1 had dealing with it or know any interestin stuff bout it ?

"no one else has had similar trouble" what trouble are you talking about? It's working as intended.

[Chobin73]

Sorry all, but i think that maybe some are forgetting that not all of the people reading remote exploits forums are living in the US or in any other country in which company policies are intended to be followed "to the ground" under menace of termination.
For instance, here in italy employees surfing control is strictly forbidden. Companies are obviously allowed to put in place any kind of url filtering they want, but they cannot "pinpoint" these filters on specific employees, nor they can check who is watching what. Moreover, it's not considered illegal at all to surf news or personal websites during working hours, since local supreme court has stated that "sporadic or moderated use of company's IT systems for personal purposes cannot lead to disciplinary actions or termination". This ends to the fact that net admins are allowed to check if a policy is working or not, but they cannot neither check nor tell who is overriding this policy until it leads to a crime or company loss. In these cases a local court act telling them to store records of surfing activity referred to a specific employee can be issued...
In fact, local laws tells that it's not illegal to override url filtering during working hours and using company's IT systems for personal purposes unless it is proven that such an activity has effectively caused a loss to the company itself or can be prosecuted as a crime...
Obviously, an employee must adhere to a "Company IT systems usage policy", but this statement falls under direct control of his activity, which means that a user can be appointed for breaking company policies only if he's personally caught while doing it or if his computer looks intentionally damaged or not funcional due to unapproved software installations...
At the final end: local laws assumes that a business company can do everything wants to prevent unapproved internet surfing but they cannot monitor user's activity remotely, therefore if a user knows how to override company policies and it does, it's a company fault, not an employee breakout...I know it may sound strange, but that's how it works...