Home > Enterprise Desktop Tips > > Blocking Web anonymizers in the enterprise
Enterprise Desktop Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 


Blocking Web anonymizers in the enterprise


Joel Dubin
06.07.2006
Rating: -3.89- (out of 5)


Advice for securing Windows
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


This tip originally appeared on SearchSecurity.com.

Web anonymizers can be beneficial in preventing employees from accessing specific Web sites while on your network. However, when employees use anonymizers, they become dangerous. Anonymizers can be misused to evade corporate firewalls, defeating your efforts to stop employees from accessing their personal email accounts and engaging in inappropriate – and sometimes illegal – Web surfing to pornography and gambling sites. In some cases, employees use anonymizers to hide businesses they're running on company time and company servers, lowering their productivity and eating up precious bandwidth. Misuse of Internet access through anonymizers, whether mischievous or malicious, can open your company up to liability and expose your network to malware and intrusions.

What are anonymizers?

An anonymizer is a proxy that hides a user's real IP address – in this case, your company's IP address – from the Internet. It is software installed on the client that creates a virtual proxy that links either with a proxy network or to a public proxy server. There are hundreds of public proxies listed on the Web, some of which anonymizers are tuned to call.

Many enterprises with heavy-duty firewalls use proxies to control traffic into and out of their network. The proxy is the gateway between the company's internal network and the Internet, and can be configured to block certain traffic, inappropriate Web sites or any activity the company deems malicious. As long as your users have Internet access, the anonymizer's request to a public proxy outside your network appears on your Web logs as just anot


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google


RELATED CONTENT
Microsoft Internet Explorer management
Four Internet Explorer 8 group policy security settings
Safe enterprise Web browsing: Five tips in five minutes
Top client security tips of 2006
Phishing filter: Step 2
General security configuration: Step 1
Windows Vista and IE7: Step 5
ActiveX opt-ins, information bar and cross-domain protection: Step 4
Protection against international domain names, URL handling: Step 3
IE8 brings focus to cross-browser compatibility and Web standards
Cross-site Scripting 102: How to defend against cross-site scripting

Windows desktop security tips
How Windows 7 stands up to security tests
Securing sensitive data on Windows-based laptops
Gathering and documenting your Windows desktop security policies
Windows desktop security standards documentation best practices
Desktop security preparation for a new wave of Windows apps
Four Internet Explorer 8 group policy security settings
The state of enterprise security and emerging threats in 2009
Why should Windows shops use Microsoft Baseline Security Analyzer?
A first look at Windows 7 security enhancements
Using Sysinternals tools in security management scenarios

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
ActiveX  (SearchEnterpriseDesktop.com)
ActiveX control  (SearchEnterpriseDesktop.com)
Internet Explorer  (SearchEnterpriseDesktop.com)
Internet Explorer Administration Kit  (SearchEnterpriseDesktop.com)
tabbed browsing  (SearchEnterpriseDesktop.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


her innocent request to a seemingly innocuous Web site. That makes it tricky to detect and block anonymizers on your network. So what can you do to find anonymizers and protect your network? Let's look at some options.

Detecting anonymizers

Web content filtering products, like Websense and Blue Coat, can be configured to detect users trying to download software, inappropriate or otherwise, and then tuned to block them. It's easy to tune any content blocker to watch for the two main anonymizer products: Anonymizer from Anonymizer, Inc. and Tor from the Electronic Freedom Frontier (EFF) Organization. But there are also dozens of other lesser-known, free products available on the Web that are harder to fingerprint and weed out. So, besides blocking content, you can detect them indirectly by reviewing intrusion detection system (IDS) logs for unusual traffic. This can point to malicious use of your network possibly caused by anonymizer use. A routine analysis could point to a desktop with an anonymizer installation.

Blocking anonymizers

As for preventing their use, with careful planning, you can block elusive anonymizers from causing trouble on your network. The following are some steps, short of the draconian measure of stripping Internet access from all your employees:

About the author
Joel Dubin, CISSP, is an independent computer security consultant in Chicago. He is a Microsoft MVP, specializing in Web and application security, and the author of The Little Black Book of Computer Security available from Amazon. As an expert for SearchSecurity.com, Joel is available to answer your questions on identity and access management.


Rate this Tip
To rate tips, you must be a member of SearchEnterpriseDesktop.com.
Register now to start rating these tips. Log in if you are already a member.


Submit a Tip




DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.



Enterprise Desktop Security - Virus Protection, Malware Protection, Intrusion Detection
HomeTopicsITKnowledge ExchangeTipsMultimediaWhite PapersBlogs
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2008 - 2009, TechTarget | Read our Privacy Policy
  TechTarget - The IT Media ROI Experts