Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Restricting Open Proxies

from [Samir Pawaskar] Network Security [Permanent Link]
Subject: Re: Restricting Open Proxies
Date: Thu, 21 Jun 2007 11:20:13 +0400 
IMHO,

Another way would be to restrict outgoing http connections from users
only to your Web Proxy. That way everybody would be forced to use it.
You could put access list on the firewall i.e. if your users are
separated from the Proxy server by a firewall

Another option is if you have application aware switches, which can be
configured to redirect all http traffic to the proxy.

The flip side is however, in case you need to bypass proxy for certian
web sites then you will have to create list of exceptions..

At times this may be too much...

Samir

On 19 Jun 2007 11:45:54 -0000, shailesh.rangari@gmail.com
<shailesh.rangari@gmail.com> wrote:

Hi List,


We are in the process of strengthening our Information Security Policy. As 
part of this initiative we want to restrict access to Open Proxies from the 
Corporate Network.


We are currently providing Internet Access through Symantec Web Security 
which also acts as a Proxy Server.


The access to Open Proxies that keep floating in the wild is bothering us 
because it might ultimately lead to Information Leakage. Has any one of you 
faced the same issue? What are the best practices for the same?


Any ideas or suggestions are most welcome.


Thanks

Shailesh.




[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: VPN and Security, Murda Mcloud
Next by Date:  RE: In secured office building, "Free Public WiFi" network shows up out of nowhere, jbeauford
Previous by Thread:  Restricting Open Proxies, shailesh . rangari
Next by Thread:  Open Source Router with NAT, Mohamed Farid
Indexes:  [Date] [Thread] [Top] [All Lists]