 |
|
|
|
|||||||||||
|
||||||||||||||
|
|
||||||||||||||
|
|
|
|
|
Brand New! Check out the Technical forum! Post your questions or help someone else with theirs! Administration (newest entry first) Administration (oldest entry first) New messages (newest message first) New messages (oldest messages first) Message archive (newest message first) Message archive (oldest message first)
|
|||
 |
|||
|
|
|
 |
||
|
Proxy Servers that act as circumventors. I’ll give my own version of what a proxy server is and why I believe most web based proxy servers are really circumventors. Wikipedia http://en.wikipedia.org/wiki/Proxy_server will give you a detailed breakdown. Proxy servers – Generally used to redirect traffic on the Internet. There legitimate uses include keeping your identity safe from the sites you want to view. The proxy server goes to the site and gets the page for you. In some cases it may already have the page cached. The “target site” never even knows you were there. Technically there are many different ways in which this hardware and or software work. Internally a company may incorporate a proxy server to reduce threats from hackers and malicious software (One of the few legitimate uses) Circumventors – Proxy Servers that help you bypass the security or blocking that your employer or organization has established. For example, you work at an institution XYZ that blocked access to several video sites. Their reasons for doing so may not just be for content. They may be concerned with BANDWIDTH usage limits or PRODUCTIVITY. You access the proxy server and request one of the video sites. Now you are streaming a video right past the security or blocking features that have been put into place for XYZ. By these two definitions all public web based proxy servers are circumventors. The Problems – Schools and institutions trying to protect underage veiwing of adult material or other inappropriate material are having their efforts thwarted. In addition mid to small sized companies with limited bandwidth are now having to contend with network traffic issues and waste valuable resources to prevent access to these proxy/circumventors. Another potential risk is infection, trojan installers and the fact that some proxy servers may be recording what you are sending. It all adds up to a big bag of worms. Are there civic minded web based proxy servers - Obviously there are probably some well meaning web based proxy servers out there whose sole intention is to protect the public from evil Internet sites. However, how would you know which is which? Public Web Based Proxy servers are not your friend - A lot and I mean a lot of these so called Proxy Servers are not there to help you. They are there to get traffic and sell advertisements. That’s why there are a ton of ads all over their web pages. In many cases these sites advertise how they are protecting you from the “evil Internet” or prying eyes of hackers. This is done in an attempt to legitimize themselves. I even saw one site that quoted part of the Human rights act of the United Nations in an attempt to make you think that your rights are being violated and that the use of their proxy server is justified. More than likely your company or organization does not agree. The bottom line is that if your company has set a policy to block access to a site or many sites or all sites it is their right to do so. The laws are firmily established. They are not preventing you from accessing information. You can go to the public library, your home computer or an internet café and access whatever you want. You just can’t do it at work. In the case of schools or institutions with underage children they basically have two choices. Find a way to prevent access to inappropriate material or block internet access completely. As I have already said most of these sites are there as circumventers. Even when they spout off about “protecting you” they advertise “get around blocked sites” on the same page. BTW: Do you think these Proxy Server people will care if you lose your job, crash your companies network or get kicked out of school? Risk from a user standpoint – The user just wants to get to that website that he or she was blocked from however there are a couple of things you should know. First, most IT departments do not have stupid people working in them. More than likely your attempts to circumvent your companies restrictions are being recorded and any minute now your boss and your bosses boss are going to get a detailed report. Now if getting fired is not a fear perhaps being charged for the cost of interfering with legitimate business will make you think twice. If your web based proxy server infects your companies network with a worm or virus or some form of malware they are not going to be happy. It is bad enough when a mistake like this happens while you were doing something legitimate, but causing it cause you broke the corporate rules and circumvented the system? You may have also created a personal nightmare. Didn’t order that sailing Vessel from Boats Are Us? If you used a web based proxy server and sent any personal information it that might be how your identity theft occurred. IT professionals should look at the options – One solution is to use your own proxy server and force all internet traffic through it. Your internal proxy server or firewall will most likely allow you to filter content or create a blocked list of sites. However, if you are relying on a “Blocked” list you will have your work cut out for you. There are hundreds of these sites if not thousands. If you are using a firewall or other device to protect your WAN connections you might want to see what options they have. They may already have a way to block web based proxy server usage. Unfortunately most of the serious postings on the web will tell you that the bottom line is to have a serious formal policy, posted and enforced by management. It departments can reduce the abuse but they are becoming taxed at the attempts to keep up. This answer will become even more prevalent once newer technologies find their way into the hands of users and abusers. If you check out the article posted on WindowsITpro you will find that client based proxy services are just around the corner and have the potential to allow users to circumvent security and restrictions simply by installing a script on their machines. See http://www.windowsitpro.com/Articles/ArticleID/50328/50328.html?Ad=1 Also while investigating this subject I found a Microsoft document. Article ID : 257685 It seemed to suggest that you could prevent proxy server circumventing by disallowing IP forwarding. The search on the Microsoft support site returned the following, but the document itself says nothing about why you would make these changes. Proxy Server 2.0 Security Checklist This prevents clients from bypassing Proxy Server to access the Internet. If you are using DHCP, remove the same references to prevent your DHCP servers from accessing addresses outside ... support.microsoft.com/kb/257685 5/17/2007 I am not really clear on this and I have not had time to investigate further. I would also be concerned that turning this off might impair other devices or server functions on the network. If anyone has any information about whether or not this works please send me an email.
|
||