Defeating WebSense

I have two laptops (one personal, one work) and one home desktop PC. It would be nice to have some files synchronized between them all. I already use Mozy to back up my personal laptop, but that doesn’t address synchronization issues.

I wanted a web-based solution (similar to Mozy), so I did a quick Google search to see what my options were. The first item in the list was FolderShare (by Microsoft), so I figured I’d check it out. I went to http://www.foldershare.com Here’s what I saw:

Blocked by WebSense

Damn… Well, not a big deal. Since I’m a sys admin here, I can just configure WebSense to ignore requests from my IP address. Before I did that, I tried changing the URL to https://www.foldershare.com.

And guess what? It worked!

Apparently, WebSense sees an SSL site as different from the non-SSL site. I have no idea if this is an oversight just for FolderShare, or some weird configuration thing here, or something related to the version of WebSense we’re running… but it is interesting to know that such a simple workaround exists.

Anyway, I’ll be testing FolderShare now — and will blog about that in due time.

3 thoughts on “Defeating WebSense”

  • I’ve been fighting this very issue myself, except on sites I don’t want the users to get to. Per Websense technical support, this is the case for all the different ‘integration’ options they have. UNLESS you have a proxy server.
    The problem stems from the fact that the SSL packet is encrypted and so cannot ‘see’ what the URL is only the IP address – which may or may not be in a permitted (or blocked) category.

    But it is a huge security hole……

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>