Re: Bypassing proxies

2002-11-19 Thread Phillip Hofmeister
On Tue, 19 Nov 2002 at 04:59:08PM +0100, DEFFONTAINES Vincent wrote: > people do what they please. > my job is [to try] to keep the network secure, in spite of users installing > whatever. Not to mention if you burden your proxy server with all this overhead it may not function well on any volume

Re: Bypassing proxies

2002-11-19 Thread Rolf Kutz
* Quoting DEFFONTAINES Vincent ([EMAIL PROTECTED]): > > Since the traffic is encrypted, content filtering > > will not trigger. > > Thats true for HTTPS, not HTTP. According their website, the tunnel is AES-encrypted. > > Why do you allow people to install software on the > > clients, if you d

Re: Bypassing proxies

2002-11-19 Thread Phillip Hofmeister
On Tue, 19 Nov 2002 at 04:59:08PM +0100, DEFFONTAINES Vincent wrote: > people do what they please. > my job is [to try] to keep the network secure, in spite of users installing > whatever. Not to mention if you burden your proxy server with all this overhead it may not function well on any volume

Re: Bypassing proxies

2002-11-19 Thread Rolf Kutz
* Quoting DEFFONTAINES Vincent ([EMAIL PROTECTED]): > > Since the traffic is encrypted, content filtering > > will not trigger. > > Thats true for HTTPS, not HTTP. According their website, the tunnel is AES-encrypted. > > Why do you allow people to install software on the > > clients, if you d

RE: Bypassing proxies

2002-11-19 Thread DEFFONTAINES Vincent
> > > Wondering if some people know of some "content-aware" > proxies/filters, to > > attempt to block [some of] those dangerous products (apart > from maintaining > > a black-list...) > > Since the traffic is encrypted, content filtering > will not trigger. > Thats true for HTTPS, not HTTP.

Re: Bypassing proxies

2002-11-19 Thread Rolf Kutz
* Quoting DEFFONTAINES Vincent ([EMAIL PROTECTED]): > Wondering if some people know of some "content-aware" proxies/filters, to > attempt to block [some of] those dangerous products (apart from maintaining > a black-list...) Since the traffic is encrypted, content filtering will not trigger. >

Re: Bypassing proxies

2002-11-19 Thread Andrew Pritchard
> > Wondering if some people know of some "content-aware" proxies/filters, to > > attempt to block [some of] those dangerous products (apart from maintaining > > a black-list...) > If you allow out FTP I will be able to start an SSH connection over port > 20 (FTP-Data) and it will look like a binar

RE: Bypassing proxies

2002-11-19 Thread DEFFONTAINES Vincent
> -Original Message- > From: Phillip Hofmeister [mailto:[EMAIL PROTECTED] > Sent: Tuesday 19 November 2002 15:30 > To: DEFFONTAINES Vincent > Cc: debian-security@lists.debian.org > Subject: Re: Bypassing proxies > > > On Tue, 19 Nov 2002 at 02:48:04PM +0100,

RE: Bypassing proxies

2002-11-19 Thread DEFFONTAINES Vincent
> > > Wondering if some people know of some "content-aware" > proxies/filters, to > > attempt to block [some of] those dangerous products (apart > from maintaining > > a black-list...) > > Since the traffic is encrypted, content filtering > will not trigger. > Thats true for HTTPS, not HTTP.

Re: Bypassing proxies

2002-11-19 Thread Phillip Hofmeister
On Tue, 19 Nov 2002 at 02:48:04PM +0100, DEFFONTAINES Vincent wrote: > Wondering if some people know of some "content-aware" proxies/filters, to > attempt to block [some of] those dangerous products (apart from maintaining > a black-list...) If you allow out FTP I will be able to start an SSH conne

Bypassing proxies

2002-11-19 Thread DEFFONTAINES Vincent
Some companies sell products such as this : http://www.symmetrypro.com/FaB.htm that any clueless user can install with the help of 3 mouse clicks on their dektop. It autodetects proxy settings, creates an HTTP tunnel through corporate proxy to software editor companyserver, so you can read your em

Re: Bypassing proxies

2002-11-19 Thread Rolf Kutz
* Quoting DEFFONTAINES Vincent ([EMAIL PROTECTED]): > Wondering if some people know of some "content-aware" proxies/filters, to > attempt to block [some of] those dangerous products (apart from maintaining > a black-list...) Since the traffic is encrypted, content filtering will not trigger. >

Re: Bypassing proxies

2002-11-19 Thread Andrew Pritchard
> > Wondering if some people know of some "content-aware" proxies/filters, to > > attempt to block [some of] those dangerous products (apart from maintaining > > a black-list...) > If you allow out FTP I will be able to start an SSH connection over port > 20 (FTP-Data) and it will look like a binar

RE: Bypassing proxies

2002-11-19 Thread DEFFONTAINES Vincent
> -Original Message- > From: Phillip Hofmeister [mailto:[EMAIL PROTECTED]] > Sent: Tuesday 19 November 2002 15:30 > To: DEFFONTAINES Vincent > Cc: [EMAIL PROTECTED] > Subject: Re: Bypassing proxies > > > On Tue, 19 Nov 2002 at 02:48:04PM +0100, DEFFONTAINES V

Re: Bypassing proxies

2002-11-19 Thread Phillip Hofmeister
On Tue, 19 Nov 2002 at 02:48:04PM +0100, DEFFONTAINES Vincent wrote: > Wondering if some people know of some "content-aware" proxies/filters, to > attempt to block [some of] those dangerous products (apart from maintaining > a black-list...) If you allow out FTP I will be able to start an SSH conne

Bypassing proxies

2002-11-19 Thread DEFFONTAINES Vincent
Some companies sell products such as this : http://www.symmetrypro.com/FaB.htm that any clueless user can install with the help of 3 mouse clicks on their dektop. It autodetects proxy settings, creates an HTTP tunnel through corporate proxy to software editor companyserver, so you can read your em