
Bypass Websense

On Tech-Faq, there is an article about how to bypass Websense. Instead of using proxy or tunneling methods, there is another way to bypass the firewall filter. The article contains some important sentences, listed below:

In transparent mode, Websense counts on the fact that the firewall will forward the whole request in a single time. If the whole request is not transferred at one time, Websense will allow the packet to pass, as the packet doesn't look like a HTTP request.
In fact, if you browse to a prohibited website, the Websense server sends an HTTP redirect header back to your browser. Then your browser goes to a page like this. The technique in the sentences above clearly explains why I can bypass Websense via Telnet. Instead of using a browser, I just telnetted to a prohibited website's host on port 80. Then I keyed in the HTTP protocol strings, for example, GET /index.html HTTP/1.1. Then the raw HTML content was dumped to the terminal, not the Websense HTTP redirect or blocked page.
Maybe I can modify the Perl HTTP proxy program I wrote before to adopt this mechanism to bypass Websense. :P Because of ridiculous policies and reasons such as protecting PCs from attacks by viruses, Trojans, worms, and hackers, they blocked sites like Flickr, Wretch, Pixnet, Xuite, Google Spreadsheets, and so on. It is very ridiculous and amazing.
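
For anyone running a filter, the sentences quoted above are the gap to close: judging each TCP payload alone lets through any request that arrives in pieces, while reassembling the flow before deciding does not. The sketch below is an example added here, not code from Websense or from the Tech-Faq article; the host list, segment data and function names are all constructed for illustration.

```python
import re

# Constructed policy and traffic; every name here is hypothetical.
BLOCKED_HOSTS = {"blocked.example"}
REQUEST_LINE = re.compile(rb"^(GET|HEAD|POST|PUT|DELETE|OPTIONS) \S+ HTTP/1\.[01]\r\n")
HOST_HEADER = re.compile(rb"^Host:[ \t]*([^\r\n:]+)", re.I | re.M)
MAX_HEADER_BYTES = 8192

def classify(head):
    """Return 'block' or 'pass' for a complete request head."""
    if not REQUEST_LINE.match(head):
        return "block"  # port-80 data that is not well-formed HTTP fails closed
    m = HOST_HEADER.search(head)
    host = m.group(1).decode("latin-1").strip().lower() if m else ""
    return "block" if host in BLOCKED_HOSTS else "pass"

def per_segment_verdict(segment):
    """Weak check: judge each TCP payload alone, pass anything unrecognised."""
    if not REQUEST_LINE.match(segment):
        return "pass"
    return classify(segment)

class FlowInspector:
    """Reassembling check: hold a flow's bytes until the header block ends."""
    def __init__(self):
        self.buf = b""
        self.verdict = None

    def feed(self, segment):
        if self.verdict is None:
            self.buf += segment
            head, sep, _ = self.buf.partition(b"\r\n\r\n")
            if sep:
                self.verdict = classify(head + b"\r\n")
            elif len(self.buf) > MAX_HEADER_BYTES:
                self.verdict = "block"  # never buffer without bound
        return self.verdict or "hold"

# A request typed line by line (as in a Telnet session) arrives as three segments.
TYPED = [b"GET /index.html HTTP/1.1\r\n", b"Host: blocked.example\r\n", b"\r\n"]

def compare(segments):
    flow = FlowInspector()
    return ([per_segment_verdict(s) for s in segments],
            [flow.feed(s) for s in segments])

if __name__ == "__main__":
    print(compare(TYPED))               # split request
    print(compare([b"".join(TYPED)]))   # same bytes in one segment
```

"hold" means the inline device forwards nothing upstream until the verdict is known; this sketch decides on the first request of a connection only.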

Tags: websense