Tuesday, March 22, 2011

Lazy Monday Firewall Hack

So yesterday was a slow day, which allowed me plenty of idle time... and as they say about idle hands... I decided to systematically test our firewall. :D A bit of background first. I work for a large Fortune 500 company, you know the type... they have millions of dollars invested in IT staff and hardware. We also have a stifling firewall. It blocks any site about gaming (console/PC/gambling/etc.), all video (we can't even view CNN.com videos), and almost all social networks (only Twitter and LinkedIn are allowed). In the past I have tried damn near everything in my geek toolbox to circumvent said firewall: proxies, SSH tunneling, Google cache, you name it. Every attempt has been met with the dreaded

"Continued attempts to access prohibited sites may result in a review of your internet usage and expose you to appropriate disciplinary action"  

So imagine my surprise when adding a simple "s" to a web address let me bypass nearly ALL blocked sites! Changing HTTP to HTTPS was the solution I had been searching for. Why does this work, I wondered... well, apparently the firewall admins only filter traffic on port 80, not 443. So if you are a network admin and you really want to lock down your system... be sure to plug the HTTPS hole.
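For admins who want to check for the port 80 vs. 443 gap described above, here is an added example (not part of the original post) that scans web-filter logs for hosts denied over HTTP but allowed over HTTPS. The log format, field order and sample lines are constructed assumptions, not output from any real product.

```python
from urllib.parse import urlsplit

# Constructed sample log; assumed format: time client method target action category
SAMPLE_LOG = """\
2011-03-21T10:01:02 10.0.0.5 GET http://games.example/ DENIED gaming
2011-03-21T10:01:09 10.0.0.5 CONNECT games.example:443 ALLOWED -
2011-03-21T10:02:11 10.0.0.7 GET http://video.example/clip DENIED video
2011-03-21T10:02:30 10.0.0.7 CONNECT VIDEO.example:443 DENIED video
2011-03-21T10:03:05 10.0.0.9 CONNECT news.example:443 ALLOWED -
2011-03-21T10:04:00 10.0.0.5 GET http://www.social.example/home DENIED social
2011-03-21T10:04:20 10.0.0.8 CONNECT www.social.example:443 ALLOWED -
malformed line
"""

def parse_line(line):
    """Return (host, port, action, category), or None if the line is unparseable."""
    parts = line.split()
    if len(parts) != 6:
        return None
    _, _, method, target, action, category = parts
    if method == "CONNECT":  # HTTPS through a proxy: target is host:port
        host, _, port = target.rpartition(":")
        if not host or not port.isdigit():
            return None
        return host.lower(), int(port), action, category
    url = urlsplit(target)
    if not url.hostname:
        return None
    port = url.port or (443 if url.scheme == "https" else 80)
    return url.hostname, port, action, category

def find_https_gaps(log_text):
    """Map host -> category for hosts denied on port 80 but allowed on 443."""
    denied_80, allowed_443 = {}, set()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # skip malformed lines instead of failing the audit
        host, port, action, category = rec
        if port == 80 and action == "DENIED":
            denied_80[host] = category
        elif port == 443 and action == "ALLOWED":
            allowed_443.add(host)
    return {h: c for h, c in denied_80.items() if h in allowed_443}

if __name__ == "__main__":
    for host, category in sorted(find_https_gaps(SAMPLE_LOG).items()):
        print(f"policy gap: {host} ({category}) blocked on 80, allowed on 443")
```

Any host it reports is one where the category policy is being enforced on HTTP only; a host that is denied on both ports (like the constructed `video.example`) is not flagged.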

Until next time! o7
