So....Who are all of the content monitoring companies getting there blacklists from??? Take Websense for example..... I as a penetration tester am not allowed to go to insecure.org while I'm at work because it is classified as "Hacking;Computers/Internet". This is inherently wrong on multiple levels....
First off... why would anyone not be able to go anywhere because it is labeled Computers / Internet. I guess in my profession it is only acceptable to visit sites pertaining to food recipes.
Second.....Insecure.org is not a "Hacking" website. It's not like I'm visiting the webpage for the Canadian Mafia. Insecure.org is a website for security professionals to download the award winning NMAP scanner which is a tool EVERY security professional should know like the back of there hand.
Metasploit.com NOPE
Milw0rm.com NOPE
Packetstorm.org NOPE
Not only does Websense deny visits to insecure.org but it also will prohibit you from visiting sectools.org
ARE YOU KIDDING ME??? websense in there infinite wisdom declares that a security professional should not have the ability to go view or download the top 100 security tools? I would definitely say that a computer security professional going to sectools.org is probably going to get a tool for use in there daily job function...
That's enough ranting for now... I could have sworn that we don't live in China.....
Devoops: Nomad with raw_exec enabled
6 years ago
2 comments:
Woohoo! First comment!
I totally agree with you. Exceptions should certainly be made. What I like even better is when metasploit.com is blocked but metasploit.net and metasploit.org are allowed.
I have the same exact problem! It's amazing how large companies waste money to look good.
Recently I made such a stink that they have agreed to give me unfiltered wireless (3g) access with a laptop.. sounds great, but this unit can only be utilized when signed out from the CISO, Yea he works about 2 outta 5 days in the office! LOL How am I better off?
Post a Comment