Many businesses and government institutions use a content filtering program such as Websense to keep employees from visiting certain websites while at work. These programs can either prohibit the use of certain websites or monitor all of the sites that employees visit while in the office. Websense blocks several website categories: adult material, entertainment, drugs, games, sports, Internet communication, peer-to-peer file sharing, gambling, instant messaging, health, illegal, shopping, job search, Internet telephony, religion, special events, travel, violence, weapons, advertisements, freeware and software download, pay-to-surf, malicious websites, and many more.
The concept behind Websense is simple, whenever an employee attempts to visit a specific webpage, a request is generated and then passes through a firewall. Websense looks at this request and answers yes or no depending on if the requested URL is in the Websense database. In transparent mode, Websense counts on the fact that the firewall forwards the whole request one time. If the whole request is not transferred at one time, Websense allows the packet to pass, as the packet does not look like an HTTP request. Several techniques allow users to bypass Websense’s filtering and authentication process.
Bypassing Websense via a Web Proxy
One way to bypass Websense is to use a web-based proxy site. With a proxy, Websense sees the user browse to the web proxy, not to the website the user is actually browsing to. The user browses to the web proxy and the web proxy browses to the website that the user wants to visit. These web proxies can bypass Websense because the ‘S’ in the HTTP address (https://) stands for secure connection and Websense does not block such secured connections. This is probably the simplest way to get around the Websense program as it takes little time and no one will wonder what the user is up to.
To find a current web proxy, visit our proxy page.
Bypassing Websense via HTTP Tunneling
Users can also bypass Websense via HTTP Tunneling. Most programs also come with options that help to destroy Internet history and Widows activity. This means that the user’s online activities are secure and he/she can spoof his/her web browser information, which helps to thwart hacking missions. One can download HTTP Tunneling software programs from the Internet quite easily and inexpensively.
There is still another way! Although most people don’t get it that much. Webscence got themselves a proxy avoidance filter, as well as a download one. Http tunneling can be quite resource needing. This is quite simple. In firefox (that you can download, since the download site is listed as EDUCATION in webscence) install foxy procy BASIC (not original) then look around in google for this “proxy IP host port” type some into froxyproxy basic (number and port, preferably transparent) and then browse! It’s the same as a proxy, but built-in. So it cannot be blocked. Posted by Shingetsu.
ofcourse there is a software to bypass websense try XeroBank_Installer.exe is the best
how do i take a block off of my netgear firewall
Originally posted by Shingetsu: “There is still another way! Although most people don’t get it that much. Webscence got themselves a proxy avoidance filter, as well as a download one. Http tunneling can be quite resource needing. This is quite simple. In firefox (that you can download, since the download site is listed as EDUCATION in webscence) install foxy procy BASIC (not original) then look around in google for this “proxy IP host port” type some into froxyproxy basic (number and port, preferably transparent) and then browse! It’s the same as a proxy, but built-in. So it cannot be blocked. Posted by Shingetsu.”
I cant find the “froxyproxy basic” with firefox add ons.
Originally posted by knight: “Originally posted by Shingetsu: “There is still another way! Although most people don’t get it that much. Webscence got themselves a proxy avoidance filter, as well as a download one. Http tunneling can be quite resource needing. This is quite simple. In firefox (that you can download, since the download site is listed as EDUCATION in webscence) install foxy procy BASIC (not original) then look around in google for this “proxy IP host port” type some into froxyproxy basic (number and port, preferably transparent) and then browse! It’s the same as a proxy, but built-in. So it cannot be blocked. Posted by Shingetsu.”
I cant find the “froxyproxy basic” with firefox add ons.”
Here it is.
bro i try downloaded the foxyproxy but failed..y?
can tell me, and the downloading method i tried was via MFox add-ons install window…
pls advice..
I can someone give me a list of Ip host port!
Thanks
yes please
when I try to open any site which google has searched as proxy IP host, websense blocks it so I can get further, can anyone help in getting the IP.
What I did was, on my company’s computers Websense is installed as a program in Program Files, open up the main executable with a hex editor, and put a bunch of garbage. The file will refuse to run, but Websense only checks if it’s on the computer, not if it’s running or not
What is the name of the exe?
OR… OR…. you could realize that the company/school/organization that has implemented Websense has done so in an effort to protect their network/computers/applications/infrastructure and that internet access at work is not provided to you for searching porn, updating your facebook status, playing games, etc…
Companies pay for network acces for one reason alone. Productivity. When you are surfing pr0n, downloading viruses and otherwise jerking about on the web instead of working then you are A. not being personally productive, B. could be impacting others productivity by making them wait longer to do productive, work realted things because you are sucking up all the bandwidth with your Torrent client, C. wasting company money on increased bandwidth costs so they can operate and still accomodate your non-work related activity, D. incurring extensive costs due to ignroant users who click on every link in every email they get because “OMFG I JUST WON 30 BRAZILLION DOLLARS” in an internet lottery I never entered from a Deposed Prince in Nigeria.
Also, BTW. Websense CAN and does stop the FoxyProxy… it can be set to deny traffic categorically to any non-whitelisted proxy server. And yes it can also be set to block HTTPS traffic to proxy avaoidance sites as well.
I just happened to see the link here in a google search and as a Sercurity Manager for a rather large company who also administers our Websense and sets I.T. policy I try to see if there are any new and innovative ways that people try to bypass established security controls and I am sad to say that all your suggestions here are woefully inadequate for any security manager worth a damn. So all in all thumbs down from me. Better luck next time kiddies.
I really hope you are from the company in Atlanta that I think you are, so I can enjoy it more when I hack your desktop jockey software.
HAHAHAHAHAHAHAHAHAHHAHAHAHAHAHAHAHAHAHAHA!
(wipes tear from eye)
HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!
Or you could just do what I do and just get your own 3G service. I have two computers in my office, one for work, that is connected to the company lines and one that gets 3G wireless service for personal web browsing and email. With the upcoming 4G service, IT barriers will be as obsolete as the Berlin wall.
Here’s the thing, though, security guy. Not everyone has the same job on the same shift. So while those guys on day shift might be a million times more productive not being able to check their email or read the news, us poor slobs on nights are going to suffer a huge lapse in productivity when we fall asleep waiting for the next chunk of work to be brought to us. Here in the lab I work at we have regular chunks of 10-20 minutes where we’re either waiting for assay samples to fuse or waiting for someone to bring in more samples. Before websense I might have used this time to check my email, maybe peruse a few headlines. Now? I chug a coke and try not to fall asleep. Don’t try to tell me that’s somehow better for business.
So speak to your management, don’t just make ridiculous comments about a product. Websense is only the tool – much like your assay sampling machine. If one of those broke down, would you be online blaming the product? No. You would speak to someone with authority about it. You might have 10 – 20 minutes to spare at a time. It takes much longer to fix computers that end up virus laden, or full of malware as a result of people who have no clue what they are doing downloading rubbish to machines.
A sensible policy needs to accompany the product. Websense provide the categories. Management provide the policies.
If a work computer ends up virus laden, or full of malware, you as an admin should be fired.
Firefox + adblock (+ NoScript if you wanna be super picky) + Spybot S&D immunization & TeaTimer + halfway decent AV (Avast for example, if you are using norton, mcafee or anything similar, you should be fired, then taken out back and shot. Repeatedly. For being a bleeding idiot) = Fairly impenetrable computer. Bout the worst thing you’ll have to do is clean tracker cookies once in a while.
Securing work machines is simple. Teaching the IT Staff how not to be blathering idiots is the difficult part.
I have a special e-mail for you.
well security guy … for every smart ass security administrator there is a hacker who is actually smarter … and i dont think anyone who has actually managed to get through websense would actually be dumb here to post the solution here ….
just for your record i have managed to get through websense using http-tunneling and VPN (using some freely available software) … could be the administrator here is a dim wit and not a hotshot like you ..
would have loved to work in your company and match wits with you .. its what makes our techie lives interesting
I use something called Njutrino – from njutrino.com which I run from a USB stick, its a browser with built in proxy – Means I can browse what I like at work and not worrk. Also has a button which lets me hide the window ! very useful
The company I work for just started to allow employee’s internet usage for business purposes only. We are an outside sales company and my employees visit stores, and nightly synchronize store data. Each employee has a laptop computer. As such, to help monitor internet activity I am now receiving monthly recaps on each employee and their internet activity. The company uses Websense to track activity. Out of the 18 employee’s I supervise, 13 visited sites I would consider not business related. The remaining 5 showed no activity at all. The one common denominator that all 13 had in common was that they visited our company intranet site. When questioned about the sites, verison.com, facebook.com, walmart.com etc… all of them said they never visited any site other than our intranet site. Some even said that several of the sites listed were sites they have only visited on their home computer. Is it possible that websense can pick up internet sites from home computers?
Simply put, no. Websense can only log and report on systems which connect through the filter. It would also require the user to have the same domain/user credentials on their home box. If they say they’ve never visited these sites from a company system, they are not telling you the truth.
If you are getting reports that someone has visited, for instance, Facebook and they deny ever having done so there are, imho, three possibilities
1. They are not telling the truth
2. Someone else used their machine (in which case they should learn to lock it)
3. (most probable) The reports of Facebook use are actually caused by visits to pages that have links to Facebook (like buttons, content from Facebook)
I have seen a lot of reports where there is an indication of misuse (as defined by the corporate policy) but further investigation shows that the reported use was “indirect”. Go to almost any newspaper site and you will see connections to Facebook / Twitter etc. It is possible that these connections are being serverd directly by Facebook / Twitter etc and show as visits in Websense.
hth
I used to work for Websense, the filtering products do also have an option to filter remote machines (eg. company laptops/PC’s) …. even when you are using your home internet connection.
Disable Proxy setting under Internet options —> Connections —> LAn settings
Regards
Omar
If they have set it up in transparent proxy mode, this will make no difference.
No one knows how to hack websense without a proxy like me. I truly am the Master.
Master O Master,
Share ya knowledge with us, for thou art the Master.
so Mr. master ….can u tell us how to hack websense?
¿master? i dont think so
Why dont u tell us how to??
u got no answer
Don’t be faggots. Get Tor on a USB, boot it through the RAM if you’re truly scared of being traced, and you’re fine.
If your company or school already implemented web sense, try downloading at home or somewhere and attach the addin to email and open in work or school, websense only stops downloading the addon
I agree with the idea that IT depts generally dont have enough to do. My manager made a passing call that the web is being used too much. Thing is to protect myself I log in under a general password and use ninja proxy servers if I want to play games. So the manager may make inadvert ineffective threats but has zero proof of who is doing what. Actually studying board games makes you MORE effective as an employee. What exactly is the internet for at work in a hospital? If the IT noobs complain about viruses, do the smart thing: Either install Linux or get apple computers. If the latter is too expensive dont complain and say that open source cant be done for a corporation. It could if people were willing to. But they arent. So because they arent, there are proxy servers for employees such as myself who give the finger to the IT dept.
my tool…Remote Desktop Connection to home computer. Surf what I want with no one knowing what I browse. The connection is not as fast through RDP, but that has to do with our pitiful 3MB service.
First off, Websense managed to cut off proxies, HTTP://, and basically all other methods we can think of. Except for one. If we are on a Windows system, we go to
Run->type in ‘cmd’->type in ‘ping “website here e.g. facebook.com‘->then get the IP address of the website-> go to your browser->type in the IP address without .com or www. or http://->and you’re done.
If we are on a Mac OS, we do the same steps. We access Terminal via Applications. Then we type in ‘ifconfig‘ and do the exact same steps as above.
We use Websense to report traffic only. Users can go wherever they want, but reports get back to management and put in their employee file. F’ing around on the Internet at work is strickly forbidden and outlined in each employee signed handbook. Besides, all you dumbasses with FB accounts and stupid Internet posts are already flagged by serious employers. That’s whats wrong with this country, nobody wants to work anymore, just F-around. How about having a little self-control people…
Amazing. The depth of your knowledge extends to basic and rudimentary. Self control? How about you not search up bypassing WebSense? If you never searched it up, you would never have found this site, that discusses methods to bypass WebSense. So, take your own advice AHole.
HAHAHAHAHAHA…!!!!!!