Notices

Work firewall questions ?

Old 09-22-2019, 08:35 AM
  #1  
THT SponsorCaptains Club Member
THT sponsor
Thread Starter
 
Join Date: Mar 2007
Location: Wisconsin And Marathon,Fl
Posts: 8,850
Received 2,424 Likes on 1,078 Posts
Default Work firewall questions ?

Just got this email.
We have recently upgraded our network to include a very sophisticated router and firewall.
Over the next week, please check to make sure that the sites you need for business are all working properly. The firewall has the capabilities to allow and deny traffic to any site and it will keep a log of every internet website that is accessed. So if this blocks my sites such as this one, could you still access it through chrome in a new incognito window? And would it still show on the log?


Asking for a friend
Old 09-22-2019, 08:37 AM
  #2  
dev
Admirals Club Admiral's Club Member
 
dev's Avatar
 
Join Date: Mar 2017
Location: St. Pete
Posts: 642
Received 971 Likes on 434 Posts
Default

No, incognito mode would not prevent a log of the site visited at the firewall level, and would not overcome a firewall restriction.

You'd need a VPN to be able to access sites in a way that bypassed the firewall and hid the activity (and note, this is not a perfect solution either, depending on the VPN, a sophisticated firewall could do a man in the middle attack on the VPN).
Old 09-22-2019, 08:39 AM
  #3  
Senior MemberCaptains Club Member
 
Join Date: Jul 2004
Location: Marco Island, FL
Posts: 3,379
Likes: 0
Received 149 Likes on 107 Posts
Default

Using a different browser isn't going to help. A VPN might help if you can talk your administrator to allow your VPN through the firewall. Probably unlikely without a bribe.
Old 09-22-2019, 10:47 AM
  #4  
Admirals Club Admiral's Club Member
 
Join Date: Oct 2016
Location: Eastern NC
Posts: 506
Received 426 Likes on 234 Posts
Default

https://www.hidemyass.com/en-us/proxy or plenty of other proxy sites out there. Maybe buy the IT guy lunch and have him make an exception for this site?
Old 09-22-2019, 10:55 AM
  #5  
Member
 
Join Date: Mar 2016
Posts: 49
Likes: 0
Received 16 Likes on 10 Posts
Default

Don't use the Internet feed supplied by the router/firewall. Use a cellular internet connection, possibly?
Old 09-22-2019, 11:01 AM
  #6  
Senior Member
 
Join Date: Apr 2009
Location: Michigan
Posts: 4,066
Received 1,024 Likes on 583 Posts
Default

Time to hotspot your phone and get to THT through that, or just use your phone.

They may not do anything but will have the ability to do everything with the data!
Old 09-22-2019, 11:07 AM
  #7  
Senior MemberCaptains Club Member
 
Join Date: Jun 2003
Location: East Central Florida
Posts: 7,311
Likes: 0
Received 681 Likes on 320 Posts
Default

Everything on your office network going to or coming from the Internet on that firewall will be subject to fitering/blocking and monitoring. If your IT dept is doing their job they can and will block private VPN's too.

Use your cellular data for personal browsing.
Old 09-22-2019, 01:55 PM
  #8  
Senior MemberCaptains Club Member
 
Join Date: Feb 2002
Location: Saugus, Ma. USA
Posts: 11,498
Received 1,208 Likes on 682 Posts
Default

Seacat has the correct answer. They'll log all dns queries, and if they are monitoring and blocking, they will obviously block any personal VPN's as well. Hotpsot on your phone si the way to go.

They may only block the minimum categories, such as terrorism, hate groups, porn, and gambling, or they may set the filters a lot stricter and block all sports & leisure sites as well. It depends on your IT guys.
Old 09-22-2019, 05:12 PM
  #9  
Senior Member
 
Join Date: Jun 2018
Location: Southeast Connecticut
Posts: 366
Received 1,277 Likes on 674 Posts
Default

Originally Posted by mikeloew View Post
J So if this blocks my sites such as this one, could you still access it through chrome in a new incognito window? And would it still show on the log?


Asking for a friend
Depends on what the firewall is, and how well it was setup, and if someone is actually watching.

Technically, yes they can block this site and every measure you take to try to outsmart them and come to this site would be found and blocked. You can try to play a game of cat and mouse by trying to switch various anonymizer VPNs and private proxies and all that..but they can all be found....if a good firewall was put in, and if it was setup correctly and being watched. If IT was your companies IT guy and I put in my preferred UTM (firewall)..yes I would get you every time.

Your workstation/laptop is owned by your company. Stop goofing off on it...ransomware is getting series these days and they have to do what they have to do to protect their network. Just surf on your phone, or bring a tablet to work tethered to your phones hotspot.
Old 09-23-2019, 01:48 AM
  #10  
THT SponsorCaptains Club Member
THT sponsor
Thread Starter
 
Join Date: Mar 2007
Location: Wisconsin And Marathon,Fl
Posts: 8,850
Received 2,424 Likes on 1,078 Posts
Default

Thanks guys, I will just use my hotspot.
Old 09-23-2019, 05:53 AM
  #11  
Senior Member
 
Join Date: Apr 2009
Location: Michigan
Posts: 4,066
Received 1,024 Likes on 583 Posts
Default

Originally Posted by mikeloew View Post
Thanks guys, I will just use my hotspot.
Which got me thinking about my 1st response. If you take your work laptop, disconnect it from the work wifi, connect it to your hotspot then surf, it's very possible that it has some monitoring software still running that when you hook back up to the work wifi it "phones home" with your activity.

I know the monitoring installed in my last corporate job had SW that was doing it.

And really, if it's their laptop then they have to right to see what it's being used for at all time.
Old 09-23-2019, 06:02 AM
  #12  
Senior Member
 
Join Date: Jun 2018
Location: Southeast Connecticut
Posts: 366
Received 1,277 Likes on 674 Posts
Default

Originally Posted by ericinmich View Post
Which got me thinking about my 1st response. If you take your work laptop, disconnect it from the work wifi, connect it to your hotspot then surf, it's very possible that it has some monitoring software still running that when you hook back up to the work wifi it "phones home" with your activity.

I know the monitoring installed in my last corporate job had SW that was doing it.

And really, if it's their laptop then they have to right to see what it's being used for at all time.
Not to mention..the laptop is disconnected from the "work network"..therefore it cannot see the servers, file shares on the server, oether data, run the line of business apps, print to network printers. Basically he cannot do his work!
Old 09-23-2019, 06:21 AM
  #13  
Senior Member
 
Join Date: Apr 2009
Location: Michigan
Posts: 4,066
Received 1,024 Likes on 583 Posts
Default

Originally Posted by YeOldeStonecat View Post
Not to mention..the laptop is disconnected from the "work network"..therefore it cannot see the servers, file shares on the server, oether data, run the line of business apps, print to network printers. Basically he cannot do his work!
That's OK though if it's for surfing THT, a guys got priorities obviously.
Old 09-23-2019, 06:29 AM
  #14  
Admirals Club Admiral's Club Member
 
Join Date: Nov 2009
Location: Tarpon Springs, FL
Posts: 7,790
Likes: 0
Received 3,751 Likes on 2,142 Posts
Default

It depends on the firewall and how it's set up. It can be set up to block any site not approved or it can be set up to block specific sites or types of sites. We do record everything accessed via our networks. We own the servers and the computers and can legally restrict it as we see fit.
Old 09-23-2019, 08:16 AM
  #15  
Senior MemberCaptains Club Member
 
Join Date: Feb 2002
Location: Saugus, Ma. USA
Posts: 11,498
Received 1,208 Likes on 682 Posts
Default

Most mature companies have an AUP, or "Acceptable Use Policy", which spells out what you can and cannot do.
Old 09-23-2019, 10:41 AM
  #16  
Admirals Club Admiral's Club Member
 
Join Date: Nov 2009
Location: Tarpon Springs, FL
Posts: 7,790
Likes: 0
Received 3,751 Likes on 2,142 Posts
Default

Originally Posted by jobowker View Post
Most mature companies have an AUP, or "Acceptable Use Policy", which spells out what you can and cannot do.
Which from experience no one reads even when they have to sign that they did read and do understand the policy.
Old 09-23-2019, 01:05 PM
  #17  
Admirals Club Admiral's Club Member
 
Join Date: Jan 2007
Posts: 14,021
Received 1,927 Likes on 1,425 Posts
Default

Originally Posted by mikeloew View Post
Thanks guys, I will just use my hotspot.
Just know that things can still be logged at the machine-level.
Old 09-23-2019, 01:11 PM
  #18  
Admirals Club Admiral's Club Member
 
Join Date: Nov 2012
Location: Palm Beach County
Posts: 10,539
Received 2,147 Likes on 1,221 Posts
Default

usually these go in after a problem is found. I would lay low or just use your phone
Old 09-23-2019, 01:50 PM
  #19  
Admirals Club Admiral's Club Member
 
Join Date: Nov 2009
Location: Tarpon Springs, FL
Posts: 7,790
Likes: 0
Received 3,751 Likes on 2,142 Posts
Default

Originally Posted by YeOldeStonecat View Post
Depends on what the firewall is, and how well it was setup, and if someone is actually watching.

Technically, yes they can block this site and every measure you take to try to outsmart them and come to this site would be found and blocked. You can try to play a game of cat and mouse by trying to switch various anonymizer VPNs and private proxies and all that..but they can all be found....if a good firewall was put in, and if it was setup correctly and being watched. If IT was your companies IT guy and I put in my preferred UTM (firewall)..yes I would get you every time.

Your workstation/laptop is owned by your company. Stop goofing off on it...ransomware is getting series these days and they have to do what they have to do to protect their network. Just surf on your phone, or bring a tablet to work tethered to your phones hotspot.
Our firewall detects all of the attempts to get around it and automatically generates a log. The employee gets a written notice the first time.
Old 09-23-2019, 01:51 PM
  #20  
Admirals Club Admiral's Club Member
 
Join Date: Jan 2007
Posts: 14,021
Received 1,927 Likes on 1,425 Posts
Default

Originally Posted by mikefloyd View Post
Our firewall detects all of the attempts to get around it and automatically generates a log. The employee gets a written notice the first time.
I doubt it can detect all attempts. It can detect what its capable/configured to detect. Its simply a single security feature in hopefully combination with many other security controls.

Thread Tools
Search this Thread

Contact Us - Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service - Do Not Sell My Personal Information

Copyright © 2018 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.