Bypassing Web Content Filtering Systems

If you don’t know how to bypass a web content filtering (WCF) system, ask the next teenager you see. WCF systems are used to block or filter where employees go on the Internet. They are a great way for employers to increase productivity, reduce liability, save bandwidth, and, best of all, keep malware off systems… when they are used. Sophisticated end users have always had ways to bypass these systems. Recently there has been an explosion of methods available to users to bypass them and access the Internet anonymously.

Anonymous Web proxies, also known as proxy servers, anonymizers, and shadow-surfing tools, pass user Web traffic through other servers to get around an organization’s Web filters. One popular way to do this is Tor. The Tor project website describes it as follows:

“Tor is a software project that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security. Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. Tor works with many of your existing applications, including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol.”

Tor can be implemented directly inside your browser, which means the level of technical prowess needed has essentially gone down to zero.

There is a slew of abuse, and of articles discussing it.

http://www.darkreading.com/security/management/showArticle.jhtml?articleID=213001747&cid=nl_DR_DAILY_H

While WCF is as necessary as a firewall is to any good security program, it can be bypassed, and additional layers of security should be implemented to help plug this hole.

A news post at AtTheBreach.com also discusses how these proxies are often hosted by unfriendlies. There are articles about how they are often hosted in China and other countries, and the individuals who host them have full access to view the traffic. So it may not be as anonymous as some think. This is one way that a data breach or other compromise could occur as a result.
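
One form the additional layer mentioned above can take is egress monitoring. The following is an added example, not part of the original post: it scans firewall logs for allowed flows from workstations that reach known relay addresses, or that reach web ports without going through the filter. The log format, the proxy address, and the relay ranges are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed values (assumptions, not from the original post).
WCF_PROXY = ipaddress.ip_address("10.0.0.5")  # the filtering proxy
RELAY_NETS = [ipaddress.ip_network(n)          # stand-in for a relay/anonymizer list
              for n in ("198.51.100.0/28", "203.0.113.77/32")]
WEB_PORTS = {80, 443}

# Constructed egress firewall log: "timestamp src dst dport action"
SAMPLE_LOG = """\
2024-05-01T09:00:01 10.0.1.20 10.0.0.5 3128 allow
2024-05-01T09:00:07 10.0.1.21 198.51.100.9 9001 allow
2024-05-01T09:01:15 10.0.1.22 192.0.2.44 443 allow
2024-05-01T09:02:30 10.0.0.5 192.0.2.44 443 allow
2024-05-01T09:03:02 10.0.1.21 203.0.113.77 443 allow
garbage line
2024-05-01T09:04:00 10.0.1.23 192.0.2.80 80 deny
"""

def find_bypass(log_text):
    """Return {source_ip: sorted reasons} for allowed flows that avoid the WCF proxy."""
    findings = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed lines instead of failing the whole run
        _, src, dst, dport, action = parts
        try:
            src_ip = ipaddress.ip_address(src)
            dst_ip = ipaddress.ip_address(dst)
            port = int(dport)
        except ValueError:
            continue
        # Traffic to or from the proxy itself is the expected, filtered path.
        if action != "allow" or src_ip == WCF_PROXY or dst_ip == WCF_PROXY:
            continue
        if any(dst_ip in net for net in RELAY_NETS):
            findings[src].add("relay")        # destination is a listed relay
        elif port in WEB_PORTS:
            findings[src].add("direct-web")   # web traffic that skipped the filter
    return {src: sorted(reasons) for src, reasons in findings.items()}

if __name__ == "__main__":
    for host, reasons in sorted(find_bypass(SAMPLE_LOG).items()):
        print(host, ",".join(reasons))
```

A "direct-web" hit also points at a firewall rule that lets workstations reach the Internet without passing through the filter, which is worth closing regardless of any proxy use.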

