Most companies understand the value in a good web filter, and most employees appreciate the frustration that the web filter creates by blocking access to some of their favorite sites. As IT professionals, we understand the risks introduced by allowing a trusted machine inside our network to access certain social media sites and others that are known to contain spyware, adware and a litany of other bandwidth robbing malware.
Beyond the risks introduced through ʻinfectionʼ, web filters also have been shown to increase productivity by restricting access to time-wasting sites that fall into the category of gaming and shopping. Just 30 minutes of mindless surfing a day, when multiplied by 50 employees, adds up over the course of the 40 hour work week.
Often the least considered value of a web filter, is the reduced liability by restricting access to pornographic or gambling related sites. Exposure to illicit material by an unwilling passer-by could result in a hefty lawsuit. Preventing a single occurrence of such an incident would more than pay for expenses associated with most web filtering appliances.
Like all security appliances, the tool is only as effective as the rule sets or configurations by which it is governed. Here are a few minor tweaks to your web filter that will reduce exposure to the most common non-technical filter bypasses.
Anonymous Proxy
Free, open and anonymous proxies are nothing new to the tech community, but have greatly morphed from the days of having to manually enter a proxy address and port into your Internet Options. Now even a user savvy enough to use a search engine can navigate to a proxy service site and use the embedded address bar to surf just as they would from their browser. This shift in usability did not go unnoticed by the web filter manufacturers and most now offer the option to block all sites falling into the category of ʻanonymous proxyʼ. Check your setting to make sure that you are including this category of blocked items and then try navigating to some of the most popular sites to ensure it is working correctly (be sure to try a few where the URL doesnʼt contain a form of the word ʻproxyʼ):
1. https://proxify.com
2. http://fiberproxy.us/
3. anonnow.info
4. highspeednameless.info
5. rapidhidden.info
6. instantaneousaccess.info
Browser Caching
Google, Bing, and Yahoo! (perhaps others, but these by far are the most heavily utilized) all offer a service via their search engines called ʻCachedʼ pages. As the engine constantly crawls the web for pages, it stores a Cached version of the page. This page includes all images, texts and links. The dangerous effect of this service is that the cached page URL is embedded within the browserʼs URL, and is then almost always overlooked by a web filter that restricts pages based on categories. As far as your filter is concerned, your employee is just using an allowed search engine. This dilemma is not without remedy...Set your filter to explicitly block the following pages:
1. http://webcache.googleusercontent.com - (Google)
2. http://cc.bingj.com - (Bing)
3. http://74.6.116.140 - (Yahoo!)
