@Manoj : No , The Firewall cannot log a Secure and encrypted connection . as I said above that the Connection that is being created is Secure using SSL / TLS so its not possible for the firewall to detect such intrusions and so you can bypass the Firewall without even getting detected or Logged by it.
Hello Kuntal How r u? In the organisation where i m working, they use cyberoam and all of us have given a passowrd and username to access the internet. Until not we put the passwords we cannot use internet. I also use Ultrasurf to get on some sites but yesterday i found an webpage http://docs.cyberoam.com/default.asp?id=170&Lang=1&SID= on cyberoam that shows cyberoam can detect Ultrasurf versions up to 8.9, Although i m using 9.3. But the question is, can it detect 9.3 also or find the ip address which we were provided, when we use Ultrasurf.
@Rakesh : I read in manual in full and found that , the problem was due to the Override of Two SSL constant connection and the Bug was detected as :
Bug ID – 5487 Description – Certain Internet Banking sites were not accessible due to Ultrasurf IDP signature.
That was fixed and made detectable to prevent the use of UltraSurf BUT upto version 8.9 and not beyond that , as the UltraSurf evolves its also and nature of bypassing with subsequent version update. So you don't have to worry until your network admin updates the cyberoam version to detect more advanced version of UltraSurf.
@Rakesh : I confirmed that from a friend who works in the eLiteCore System which develops the "Cyberoam" , He confirmed that ONLY if the Firewall has been upgraded to a higher version then it can block UltraSurf and can Log it , but it wont do that until up gradation of it.
Thanks Kunal for your confirmation but can you explain if we are using ultrasurf to bypass sites like orkut or any other site, then what is stored in cyberoam's index page history of viewed page, what i am think there should be any encrypted page but what it would be? In our organisation almost every site was blocked and i owns a blog site where i have to put some mateial daily and i visit "http://advancetechnology.today.com" using Ultrasurf i wonder how Cyberoam keeping the track of visited site.
Hi all, cyberoam can block all version of ultrasurf, signature for 8.9 detect and drop ultrasurf version up to 9.3 and they have given new signature for ultrasurf 9.4 which was not able to block using signature of 8.9.
Thanx Kuntal, for all your support, but still the suspicion remains wheteher what is stored in the cyberoam's index history of viewed pages. Don't you have any clue...
Re: Kuntal one more question, in our oraganisation we have provided with unique IP address with a defalt gateway and a log in password. And if we use Ultrasurf then which IP will be send to the server the original one or any different IP (one thing to remember we can not log into fir internet connection without entering the password and login name provided to us)
@Rakesh : Sorry for the Late reply , was caught up with other jobs.
Here are the Confirmed Answers :
Q : "but can you explain if we are using ultrasurf to bypass sites like orkut or any other site, then what is stored in cyberoam's index page history of viewed page, what i am think there should be any encrypted page but what it would be? In our organisation almost every site was blocked and i owns a blog site where i have to put some mateial daily and i visit "http://advancetechnology.today.com" using Ultrasurf i wonder how Cyberoam keeping the track of visited site."
Ans : If you go through SSL tunnel which is used by ultrasurf then it won't keep the track of the website you surf though that tunnel.But it will keep track of destination of that tunnel.
Example : If you go to Google.com , then don't worry , no links including the IPs will be logged.
Q : In our oraganisation we have provided with unique IP address with a defalt gateway and a log in password. And if we use Ultrasurf then which IP will be send to the server the original one or any different IP (one thing to remember we can not log into fir internet connection without entering the password and login name provided to us)
Ans : When you've given an IP address then the given IP would go to cyberoam.
In Short : Your IP will be logged , Not the site you access.
@Anonymous : You might be interested in this : http://tinyurl.com/qqps4r
The Change in UltraSurf or similar Tunelling softwares are becoming better and better and the Protocol and Breaking systems keep on changing.So there isn't a permanent solution.
14 comments:
Is it possible to detect who is bypassing the cyberoam?
@Manoj : No , The Firewall cannot log a Secure and encrypted connection . as I said above that the Connection that is being created is Secure using SSL / TLS so its not possible for the firewall to detect such intrusions and so you can bypass the Firewall without even getting detected or Logged by it.
Hello Kuntal How r u? In the organisation where i m working, they use cyberoam and all of us have given a passowrd and username to access the internet. Until not we put the passwords we cannot use internet. I also use Ultrasurf to get on some sites but yesterday i found an webpage
http://docs.cyberoam.com/default.asp?id=170&Lang=1&SID=
on cyberoam that shows cyberoam can detect Ultrasurf versions up to 8.9, Although i m using 9.3. But the question is, can it detect 9.3 also or find the ip address which we were provided, when we use Ultrasurf.
Thanks
my weblog
http://advancetechnology.today.com
@Rakesh : I read in manual in full and found that , the problem was due to the Override of Two SSL constant connection and the Bug was detected as :
Bug ID – 5487
Description – Certain Internet Banking sites were not accessible due to Ultrasurf IDP signature.
That was fixed and made detectable to prevent the use of UltraSurf BUT upto version 8.9 and not beyond that , as the UltraSurf evolves its also and nature of bypassing with subsequent version update. So you don't have to worry until your network admin updates the cyberoam version to detect more advanced version of UltraSurf.
So surf freely until your Admin does that.
@Rakesh : I confirmed that from a friend who works in the eLiteCore System which develops the "Cyberoam" , He confirmed that ONLY if the Firewall has been upgraded to a higher version then it can block UltraSurf and can Log it , but it wont do that until up gradation of it.
Confirmed Fact!!
Thanks Kunal for your confirmation but can you explain if we are using ultrasurf to bypass sites like orkut or any other site, then what is stored in cyberoam's index page history of viewed page, what i am think there should be any encrypted page but what it would be? In our organisation almost every site was blocked and i owns a blog site where i have to put some mateial daily and i visit "http://advancetechnology.today.com" using Ultrasurf i wonder how Cyberoam keeping the track of visited site.
Thanx for your reply
@Rakesh : I will soon get back to you as soon as i confirm this issue and its effects.
Hi all, cyberoam can block all version of ultrasurf, signature for 8.9 detect and drop ultrasurf version up to 9.3 and they have given new signature for ultrasurf 9.4 which was not able to block using signature of 8.9.
ALL WORDS WRITTEN ARE CONFIRMED.
@Rakesh : Well you heard that , *sigh* , so the hopes still awake for those whose systems are not Updated with those IP Signatures.
Thanx Kuntal, for all your support, but still the suspicion remains wheteher what is stored in the cyberoam's index history of viewed pages. Don't you have any clue...
Re: Kuntal one more question, in our oraganisation we have provided with unique IP address with a defalt gateway and a log in password. And if we use Ultrasurf then which IP will be send to the server the original one or any different IP (one thing to remember we can not log into fir internet connection without entering the password and login name provided to us)
hi kuntal i work as an IT admin i want to know how i can block Ultrasurf using my Zywall firewwall device'
@Rakesh : Sorry for the Late reply , was caught up with other jobs.
Here are the Confirmed Answers :
Q : "but can you explain if we are using ultrasurf to bypass sites like orkut or any other site, then what is stored in cyberoam's index page history of viewed page, what i am think there should be any encrypted page but what it would be? In our organisation almost every site was blocked and i owns a blog site where i have to put some mateial daily and i visit "http://advancetechnology.today.com" using Ultrasurf i wonder how Cyberoam keeping the track of visited site."
Ans : If you go through SSL tunnel which is used by ultrasurf then it won't keep the track of the website you surf though that tunnel.But it will keep track of destination of that tunnel.
Example : If you go to Google.com , then don't worry , no links including the IPs will be logged.
Q : In our oraganisation we have provided with unique IP address with a defalt gateway and a log in password. And if we use Ultrasurf then which IP will be send to the server the original one or any different IP (one thing to remember we can not log into fir internet connection without entering the password and login name provided to us)
Ans : When you've given an IP address then the given IP would go to cyberoam.
In Short : Your IP will be logged , Not the site you access.
@Anonymous : You might be interested in this : http://tinyurl.com/qqps4r
The Change in UltraSurf or similar Tunelling softwares are becoming better and better and the Protocol and Breaking systems keep on changing.So there isn't a permanent solution.
Just keep your Fingers Crossed. :)
Post a Comment
Feel Free to express your thoughts on this Post.You can also post the request for the topics you want to see in future and scribble your thoughts here
The Comments are Subjected to be Moderated before Publishing.