The Network Security. Org

Breaking out of a proxy jail

Proxy jails exist all throughout corporate networks. They serve two primary goals: to cache data (thus reducing bandwidth) and to protect the computers inside the local network from threats outside. Often you will have restricted access to only HTTP, and maybe HTTPS and FTP if you're lucky.

This will suit most casual web users fine, as they rarely would need to use the connection for anything more than web browsing. But sometimes you need me. Be it for legitimate reasons, or you are just a control freak. Maybe you want to download from a site that requires FTP access, or you need to SSH home to restart your web server. Or maybe you just want to go on MSN instead of doing what you're paid for. But you can't; your firewall wont allow it. Or will it?

This document details several tools you can use to bypass your firewall to do pretty much whatever you need. Not only will it describe how to get out of a firewall, but how to get back in (assuming you have inside access in the first place).

Important: This tutorial discusses how to bypass most any proxy/firewall arrangement your network has. It does not however, go into the moral issues behind doing such an activity. Sysadmins can get very angry if you try to break through their perfect system. In the worst case scenario this kind of thing can get you fired/suspended/beaten with a wet salmon. You have been warned.

To understand the information in this tutorial you must have a reasonable understanding of your OS and how sockets and proxies work. Breaking out of a proxy jail

More News

• NetWitness releases free version of security software
  



• Three Reasons Why Users Won’t Buy Into Security
  



• Automated security testing & its limitations
  



• How to Use Network Behavior Analysis Tools
  



• The insider security threat in IT and financial services
  



• Top 10 Network Security Threats
  



• Big leap in malicious Web sites
  



• Network security makes a quantum leap
  



• Microsoft Preps 11 Security Bulletins for Patch Tuesday
  



• Practical Defense in Depth
  



• Apple releases another mega-patch for Mac OS X
  



• Security flaw in smart cards poses risk for transit, building access
  



• Free TrojanProof Password Tool Released for Windows
  



• Security scans with OpenVAS
  



• Do ISPs pose a bigger online privacy threat than Google
  



• HTTPS Cookie-Hijacking Tool CookieMonster Gobbles Personal Data
  



• Anatomy of a botnet
  



• Microsoft patches 8 critical bugs in Windows, Office
  



• Virtualization users should expect more attacks
  



• Threat From DNS Bug Is not Over, Experts Say