Bugtraq mailing list archives

SurfControl Internet Monitoring/Blocking


From: <ndesai01 () tampabay rr com>
Date: 18 Jun 2001 23:49:34 -0000

I have been working with the people of SurfControl for 
a couple of weeks now and all they say is that they 
will submit it as a bug in the software and try to get 
a fix out in the next couple of months. So here goes...
You can bypass the software by using a proxy server 
before your traffic is looked at by SurfControl Super 
Scout. After talking with the people at SurfControl it 
has become apparent that you may bypass all of their 
software that is meant for Internet monitoring. I have 
not been able to test it though. They only look at 
packets that have the HTTP GET request and "Host:" 
information in it. If you split up the request so that 
the HTTP GET request is not in the same packet as 
the "Host:" information then you will bypass the 
software. 
You can easily do this by using a proxy server before 
you get to the node that is doing the Internet 
monitoring. If you have Compaq PCs or servers that 
are not patched you can proxy off the Insite Manager 
software
(http://www.compaq.com/support/files/server/us/download/9609.html).
If you have PERL installed you can 
use RFProxy, HTTPush or Pudding. These programs 
were intended for the testing of IDS evasion 
techniques but work wonders for Internet 
monitoring/blocking evasion. 

Neil
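
The inspection gap described in the post, shown from the filter's side as an added example (not code from the poster or from SurfControl): a per-packet check misses the Host header once the request is split across segments, while a check that reassembles the stream until the header block is complete does not. The request bytes, the host name `blocked.example`, the blocklist and every function and class name are constructed assumptions.

```python
# Constructed sample: one HTTP request, then the same bytes split so the
# request line and the "Host:" header arrive in separate segments.
REQUEST = b"GET /index.html HTTP/1.1\r\nHost: blocked.example\r\nAccept: */*\r\n\r\n"
WHOLE = [REQUEST]
SPLIT = [REQUEST[:26], REQUEST[26:]]  # 26 bytes = request line plus CRLF

BLOCKLIST = {"blocked.example"}  # hypothetical policy


def host_of(data):
    """Return the Host value only if data holds a GET line and a Host header."""
    lines = data.split(b"\r\n")
    if not lines[0].startswith(b"GET "):
        return None
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"host":
            host = value.strip().decode("ascii", "replace").lower()
            return host.split(":")[0]  # drop an optional port
    return None


def per_packet_verdicts(segments):
    """Weak model: each segment is inspected in isolation."""
    return ["block" if host_of(s) in BLOCKLIST else "pass" for s in segments]


class ReassemblingInspector:
    """Buffers one connection's bytes until the header block is complete."""

    MAX_HEADER = 8192  # fail closed on headers that never terminate

    def __init__(self):
        self.buf = b""

    def feed(self, segment):
        self.buf += segment
        end = self.buf.find(b"\r\n\r\n")
        if end == -1:  # no verdict yet: keep buffering, do not forward
            return "block" if len(self.buf) > self.MAX_HEADER else "hold"
        return "block" if host_of(self.buf[:end]) in BLOCKLIST else "pass"


def reassembled_verdicts(segments):
    """Feed the segments of one connection through a fresh inspector."""
    insp = ReassemblingInspector()
    return [insp.feed(s) for s in segments]
```
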

