Proxy blocking company 8e6 has claimed that its software can now curb the proxy scripts that have recently flooded the Internet as a way of bypassing URL blocking systems.
Such scripts give non-expert users a way to avoid the conventional web URL filtering systems employed by government, libraries, universities and companies by setting up private web pages running applications that bypass such filtering.
Anyone using such sites as a ‘launchpad’ will not be picked up many URL filters, allowing them to anonymously reach any website on the Internet, including file sharing and porn sites, or just to open unauthorised IM or P2P sessions.
According to the company, there are a number of such scripts out there, including PHProxy, Proxify, Circumventor and CGIProxy.
“Traditional Internet filters such as Websense and SurfControl can only block encrypted proxies by classifying the URL in a database. This means that they may not catch and block a proxy exploit like Liverbeat.com [a popular bypass site] immediately, placing companies at considerable risk from employees accessing unsuitable or malware-riddled content,” said 8e6’s Eric Lundbohm.
“Some network administrators may not even be aware that their users are bypassing the existing web filter because the latest proxy software is so effective at hiding the user’s activity.”
How does 8e6 manage to do what many other fall down on? It's all in the 'proxy pattern detection', the company says, a wordy way of saying that its software works out when port 80 traffic is heading for an HTTPS or SSL session or just doesn't exist on a whitelist of approved proxies.
The claim comes only days after a controversial test of web filtering products, the so-called ‘Deep Throat Fight Club’ held at the RSA Show by Open Source vendor Untangle was criticised by one vendor, Watchguard, for not properly assessing proxy bypass techniques.
The test had found that most web URL filtering systems worked pretty much as advertised, despite the fact that a growing band of Internet users are known to bypass these using script-based proxy websites such as the ones referenced by 8e6.
8e6 claims to be the only company capable of blocking such sites, which is not strictly true. Other vendors, including Watchguard, are known to employ proxy blocking to some extent, but don’t seem to have picked up on the growing importance of the issue to the extent of explaining how they go about it.
The company re-launched itself in the UK in January with an attempt to court SurfControl customers wary of the latter’s takeover by security giant Websense.