The term “Websense” in this context refers to content fillers that restrict access to certain websites, as opposed to the company based in San Diego, CA ,that goes by the same name and which makes content fillers itself. Nowadays, many institutions try to restrict the content available to employees, students and the general populace due to policy considerations. Programs such as Websense are increasingly being used to prohibit the viewing of certain websites, or to monitor all the sites that are visited by the employees, with grave implications to privacy considerations. It is also possible to configure Websense to only allow certain sites to be viewed after certain hours; this allows administrators to free web surfing after working hours. The favorite types of websites that the sensors are mostly unhappy about include adult content, file sharing sites, social networking sites, drugs, ideologically extremist, sites glorifying violence and so on and so forth. Content fillers, including Websense work this way. Whenever a user tries to access a particular website, the request is passed through a firewall. Websense examines the request and accepts or declines the request depending whether the requested URL is one on its database. Websense works with a Master Database that contains more than 2.2 million websites comprising of more than 400 million web pages that further fall under 65 or so categories. Websense assumes that the firewall will submit the request in single time, but this is not the case, Websense will not allow the packet to pass as it does not look like an HTTP packet. There are several ingenious ways to bypass Websense including the following:
Bypassing using a Proxy.
Proxies are computers that are not within your network. You may use their Internet Protocol (IP) addresses to access the sites that have been restricted. The rationale for this method is that it is not actually the computer you are using that is accessing the blocked site, but rather the third party computer, and so the content filter will have no qualms about that. These proxies are able to pass through Websense if a letter is added to the protocol HTTP (thus it becomes https://) and this signifies a secure connection. Websense, and many other content filters would normally not block such sites. This is one of the easiest and also the simplest ways of accessing the websites that are forbidden and no one will have any idea what you are doing.
Using HTTP Tunneling.
HTTP tunneling refers to the technique where The HTTP protocol acts as a wrapper for a covert channel that the network protocol being tunneled uses to communicate. This method may also be used to bypass content filters such as Websense. It is used for communication in networks with limited or restricted connectivity and is often used with applications that lack native support for communication in conditions of restricted connectivity. In most cases, restricted connectivity may be because of blocked TCP/IP ports or blocking traffic started from outside the network. It could also be because some content filters don’t want you to enjoy full connectivity, and this is where HTTP tunneling comes in.
For more information on bypassing Websense read How can I bypass Websense?
