Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Click here to return to the 'Bypass firewall restrictions via an HTTPS proxy' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Bypass firewall restrictions via an HTTPS proxy
Authored by: bill_mcgonigle on Aug 13, '05 12:00:33AM

Stephanos - take this as a sign. I see this all the time. Your management team is inept. Your CEO might be a stupid ahole too. They don't understand so they fear. They fear so they impede.

This is going to start to pervade all aspects of the business if it hasn't already. Get your resume up on Monster and find a decent job. Your life is just going to get progressively more miserable if you don't.

You clearly have a clever mind and know how to solve technical problems, so there are lots of people out there hoping someone like you will just drop a resume on their desk. Learn to identify the non-technical problems too. Good luck.

[ Reply to This | # ]
Authored by: macubergeek on Aug 13, '05 08:14:30AM

Security admins restrict outbound protocols like AIM for a reason. It's insecure. Worms are now being transmitted via AIM. So are the latest versions of Phishing attacks. Yes you can get around just about any restriction. It might be more constructive to open a dialog about the restrictions. MacOS X gives organizations the opportunity to bring Instant Messaging in house. You can run an IM server on Server, use Jabber and encrypt everything. IM can be used constructively as a collaboration tool. Discussions of constructive uses seems better than adolescent rants against "clueless" management.

[ Reply to This | # ]
What's port 22 for?
Authored by: derekhed on Aug 15, '05 11:25:53AM

This was the question our IT people asked me when I requested port 22 to be opened to my workstation. Frankly, I lost all respect for them at that point. They added a filter because some salesperson made it sound like the world would end if they didn't. Of course, they standardized on Dells, so they might have been right.

Don't see why I should have to suffer. I get more work done by bringing in my own laptop and using free software than I do on my Dell and a pretty liberal budget.

I am not advocating irresponsible behavior, but if the support folks don't know how to support you, roll your own.

[ Reply to This | # ]
Bypass firewall restrictions via an HTTPS proxy
Authored by: stephanos on Aug 22, '05 02:52:11AM

Bill, thanks for the praise, but it's not really that simple. My management and admins are not idiots. They know I'm doing this, and they don't mind. In fact they told us beforehand when the policy was instated that if we found a hole, we could use it. So I just did.

I'm a software engineer. I'm the only one in my company that uses a Mac. I had to beg and plead before they got me one (yup, they paid for a brand spanking new top-of-the-line PowerBook plus a gig of RAM, and I get to take it home, as well as buy it off them at a very reasonable price if I ever leave. So yeah, I'm appreciated :-)), and I had to promise that if I ran into any serious incompatibilities it was my job, not theirs, to fix them - so far, I haven't, though I do cheat by using Terminal Services to connect to a couple of Win2K server machines once in a while for some odd IE testing. I do J2EE/Oracle development in Eclipse, so I saw no need for me to suffer Windows.

The point is, not everyone here is a software engineer or has these kinds of skills. People ran old versions of MSN Messenger or ICQ that are wide open to bugs. They ran P2P software. They ran all kinds of dodgy stuff on Windows systems. The firewall and proxy is there to protect these guys. If I can get around it it's no big deal, because they know I'm the least likely person to get a worm or a virus. If I made enough of a fuss they might even open up the ports for me anyway.

Security is a relative thing, anyway. You could have all the latest patches, AV data files etc. and still be hit by the first wave of a new worm. I know how to deal with this stuff, before and after infection.

Of course, I work at a small company, and in a larger organization I can see the need for strict enforcement of rules. But the firewall and proxy are there for a simple reason, to protect our layperson Windows users from the onslaught of malware and I don't really do anything to undermine this, so everyone's happy. The only annoyance is I have to select an item from the script menu in the mornings when I come in and hook up my PowerBook, and once more again before I leave in the evenings. I can live with that, and I don't think the policy is stupid.

I think most right-thinking IT admins and managers would agree with this, and even with this hint as posted, you'd have to be at least an intermediate computer user to get it to work, and a Mac user, so it's extremely unlikely you'll catch any malware because of it. If someone got into trouble anyway, then yes, I think they're working with some short-sighted people. That's their decision to make.

[ Reply to This | # ]