Solved

Secure Site Viewing question

Posted on 2007-12-03
9
197 Views
Last Modified: 2010-04-02
I am a new employee at a large company with a reasonably robust I.T. department.  It would appear that I must go through the company proxy to gain access to the internet via IE. How can I ensure I.T. does not have a record of sites I visit?

assume no sites containing spyware are involved
0
Comment
Question by:verpit
  • 2
  • 2
  • 2
  • +1
9 Comments
 
LVL 28

Accepted Solution

by:
batry_boy earned 200 total points
ID: 20399759
>>How can I ensure I.T. does not have a record of sites I visit?

There is no way to ensure that without specific knowledge of any content filters, packet sniffers, or the proxy itself to look and see.  Network monitoring and filtering can be completely undetectable to an end user without the necessary administrative access to see all parts of the network and the traffic flows that are involved.

If the IT department is funneling Internet traffic through a proxy, then they most certainly have the ability to see where you are going since most times a proxy is only used if traffic is desired to be monitored and/or filtered in some way.
0
 

Author Comment

by:verpit
ID: 20399964
OK, I get that.  I know the proxy list of 'restricted sites' is not long.  What "can I do" to provide the most protection possible?  What advantage does Firefox have over IE for this?  Can Ipartially hide my machine name in some way?  What about my IP?  What specific protection would visiting only https:// sites provide?
0
 
LVL 28

Assisted Solution

by:batry_boy
batry_boy earned 200 total points
ID: 20400477
>> What "can I do" to provide the most protection possible?

Bypass the proxy by using a different Internet connection (dial-up, wireless, etc.)

>>What advantage does Firefox have over IE for this?

Don't know since I've never tried to do anything like this at the browser level.

>>Can Ipartially hide my machine name in some way?

There may be some application on the Internet that can be used to obfuscate the machine name, but it would probably be some type of hacker program and I don't recommend those.

>>What about my IP?

What you're talking about here is IP spoofing...sure you can do that, but don't you think that if you circumvent company processes that are in place to prevent what you are trying to do that they are eventually going to find out and potentially implement disciplinary action?  I mean, you are a "new employee"...I would think twice about your course of action.

>>What specific protection would visiting only https:// sites provide?

Any data that is contained in the traffic that is sent to or received from an https site would be encrypted and therefore could not be read.  However, the proxy would still show what web site was visited.
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 100 total points
ID: 20403821
https is no guarantee, see reverse proxy: http://en.wikipedia.org/wiki/Reverse_proxy
The proxy does the SSL for you to the destination, however, the traffic between you and the proxy is unencrypted in most cases. We use this to look at users traffic using Snort IDS. This also helps with sniffing traffic that is compressed(gz), the compression is done on the server and the data between the users and proxy is plain-text uncompressed all the time. yahoo message boards for example, without a proxy, the data sent between you and yahoo is compressed bothways, the yahoo servers uncompress the data you send, and the data they send to you is also compressed, and your PC uncompresses it.

Since it's their network, there is no limit to what they can do with data in/out. You can replay SSL/HttpS sessions with certain software available on the net, if the admins capture the entire stream, it might as well be plain-text, it takes seconds to decrypt and replay the entire session using such software, same with gzip compressed streams, which don't require the entire session to be captured.

If there is something you think they won't like about your surfing... your probably correct and shouldn't do it.
Corporations typically have "acceptable use" policies published and or signed by you... if your surfing doesn't violate their published rules, you should have nothing to fear. talk to your HR person if you cannot find such policies or if they weren't provided to you initially.
-rich
0
 
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 200 total points
ID: 20404559
A lot depends on what you are trying to do, and what resources you have.

At least in general, provided you go via a https proxy on the internet (such as the one that used to be free at anonymizer.com) then IT will see only your connection to the https site, not what you did via there; that said, they may look askance at you for using anonymization sites. There are ways to "break into" a https encrypted channel if you are a corporate IT department, but most of them are fairly complex to set up, expensive, or both.

If you have a home pc you can relay your traffic though, then you can run either a https proxy at home, or a full featured web proxy (such as squid, or analogx proxy) then ssl-tunnel your way to your home machine using the appropriate software. For a minimum, you need some sort of server software (such as ssh for windows) on your home pc, and something to handle the tunnel (such as puTTY) on your work pc. There are also some open source ssl vpn solutions that don't require a program on the pc, but can use your web browser itself (and java) to encrypt the traffic (again, you need a home pc for the server side of this)

The big issue here is what your IT department will do if they notice you trying to avoid their logging - that can range from nothing, though intrusive examinations of your pc, to the worst case scenario where you end up with a written reprimand or no job at all.....
0
 

Author Comment

by:verpit
ID: 20405592
I'm not really trying to do anything they would specifically object to and nothing at all that would compromise company data or anything like that so this sounds like it might be more trouble than it's worth.
0
 
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 200 total points
ID: 20405893
that's the problem with concealment - you may know you aren't doing anything they would seriously object to, but if you do it right, they don't know if you did something they would object to or not - so will assume you did :(
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
OfficeMate Freezes on login or does not load after login credentials are input.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now