I almost missed this Websense vulnerability, since it was published 12-21-2007, while I was on vacation. I’ve verified it works on one of my client’s networks using Firefox Portable 2.0.0.4, Websense 6.1.1, ISA Server 2004 Standard, and User Agent Switcher 0.6.10.
Mr HinkyDink, who discovered the issue used Websense 6.3.1, so I’m sure other Websense versions are susceptible as well. His instructions are:
I. Install FireFox 2.0.x
II. Obtain and install the User Agent Switcher browser plug-in by Chris Pederick
III. Add the following User Agents to the plug-in
Description: RealPlayer
User Agent : RealPlayer G2
Description: MSN Messenger
User Agent : MSMSGS
Description: WebEx
User Agent : StoneHttpAgent
IV. Change FireFox’s User Agent to any one of the preceding values
V. Browse to a filtered Web site
VI. Content is allowed
Content browsed via this method will be recorded in the Websense database as being in the “Non-HTTP” category.
See also Websense KnowledgeBase article #976, Websense cleaned up this issue in database #92938.
I work with a ton of school districts, all who are required by law to provide content filtering. We constantly struggle to keep ahead of the various methods of bypassing the filter that students find, but I really don’t fault the kids for being curious, or trying to outsmart the adults. I think the fault lies with the teachers who are supposed to be supervising, but instead allow the students to do whatever they want.
{ 9 comments… read them below or add one }
i use this website at school!
no popups!
get past the filters!
http://www.zaag.info
I have tried the trick with firefox but didnt work, any other sugestions
i too work with school districts and have found another vulnerability with websense and a specific mozilla addon that i am attempting to permanently remove from our system.
this addon give the end user the ability to deny the “websense redirect” and show the contents of the requested web page.
QUOTE:
I think the fault lies with the teachers who are supposed to be supervising, but instead allow the students to do whatever they want.
i entirely agree as we can never be 100%. there are millions/billions of websites and only a handful of techs.
schools are required by law to provide filters? are they told which sites to block?
Jon,
If schools want to receive federal funding such as erate, they are required to make a “best effort” at filtering objectionable content such as pornography. With other types of sites such as social networking the schools can decide to allow or deny access. Most schools have Acceptable Use Agreements that describe what it considered objectionable, and thus is filtered.
- Julie
i have done this and still does not work
I can’t do it! I tried to install user agent o.6.11 but it wont allow me to open it on my desktop. I mean i got it downloaded but when i click on it, it wont work!!1
Don’t forget that the filtering programs such as Websense are meant to work in partnership with the school. Just because you can find a way around it doesn’t mean you won’t get in trouble for doing so. At the districts I work in, we still monitor all traffic that goes out, and deny pretty much anything outbound from student workstations that don’t go on port 80 or 443. We also actively monitor the traffic, and check out anything showing up in “uncategorized”. If you are found to be using proxy sites, or other means of bypassing the filters, you lose all network access for a minimum of five weeks. That means your teachers still give you the same homework, but you’ll have to write it by hand, or go home and do it on your own time instead of being able to use school computers.
haha i used this and now all my teachers are like wtf… facebook?!