All about Work Proxies !

Lots of people ask me if they can use a proxy at work? It is however often not that straight forward, primarily because you are probably already using one. The majority of companies who provide their employees with internet access will do so through their own work proxy server.

They will do this for obvious reasons, for a start they don't want people browsing inappropriate sites at work and allowing access through a work proxy means they can monitor or block what you do. It's a perfectly legitimate thing to do and there are in fact many benefits to allowing people to browse the internet through work proxies.

How do I tell if I'm using proxies at work ?

It's quite straight forward, you just need to see if there is a proxy configured in your browser automatically. Open up your Internet browser, if it's Internet Explorer you'll need to go to tools/internet options/connections/LAN settings and you'll see some settings as below.

Proxy Configured at Work

You can see here that a proxy is configured, and anything apart from local stuff (web sites on your own network) gets routed through the work proxy server.

You'll also get a very good idea on how well set up your network is set up. If you can change these settings, the chances are your network guys are not that concerned with computer security!

In a well configured windows network, these settings should be greyed out and you should never be able to modify them. This is easily achieved through something called Windows Group Policies, these policies can also be used for restricting lots of other settings on your desktop.

Anyway just by checking this you'll find out the following facts:

1) Is your network secure?
2) Is your web browsing being logged at work?
3) Can you use an alternative proxy to browse anonymously at work?

Well if your network is set up properly, you'll be able to see the work proxies settings but not be able to modify them. There is a very good chance your browsing is being actively monitored or at least logged so they can check who and where people are browsing on the internet.

There are other signs, for instance do you have an 'Internet Acceptable Use policy? ' - companies who take these things seriously will almost certainly have such a policy which will normally include a warning that you may be monitored when using this network.

Can I modify my Proxy settings ?

Well that depends, you may be able to modify them but you should always check your firms policy on this. If it's against the terms you simply shouldn't do it - but of course many people still do.

They may want to access a blocked site from work, many employers block applications like Skype or social networking sites like facebook. Some just want to monitor what their employees do at work, and to check for people using the net excessively.

In many insecure environments you may be able to simply remove the work proxy settings, restart the browser and you'll be able to surf unmonitored and uncensored. In that case you don't need to use an alternative proxy server, merely deleting the existing one is enough. There's lots of combinations though and this might cause you to lose access to the internet (if browsing is blocked directly on the company firewall). So if you do experiment, make sure you record the settings in your browser before you start playing with them.

Many people bypass the work proxy server by merely installing a new browser, if your company configures internet explorer to surf through the proxy, if you install chrome or firefox then that is unlikely to be configured, although this may also be blocked.

So no proxies configured = no monitoring ??

Possibly, but there are other options - if you've ever been blocked access to a specific website there is a possibility that you have something called a 'content filter' installed on your network. There are many of these, one of the popular ones is called Surf Control, these devices sit on the network and analyse every request for a web site - they then compare the request with a big list of allowed web sites and either allow you through or block access to that site.

It's surprising how many firms have these content filters either installed on their networks or as part of their work proxies. How you bypass them depends on the installation but there are methods for most that I have come across.

Well hope this helps - remember to be sensible if playing around with proxies at work, I'll put up some more technical details soon so pop by and check occasionally or subscribe to my feed. Always check what you can or can't do at work with regards internet browsing unfortunately as in the rest of our lives you'll probably find out you are being monitored, unless you are using Identity Cloaker of course :)


martha said...

I recently came accross your blog and have been reading along. I thought I would leave my first comment. I dont know what to say except that I have enjoyed reading. Nice blog. I will keep visiting this blog very often.


Welshgadgets said...

Thank you Martha,

I actually want to put some more about the role of proxies in a work environment. Really from a security perspective an organisation should enforce the use of the corporate proxies by policy and by technical measures.

Of course you can still bypass these work proxies and settings if you have the right tools.

Juan said...

I checked my proxies at work and there are none listed. I have been blocked simply going to google. The program was called Watch Guard and said an email would be sent to the administrator to narc me out. Never heard from the admin but didn't expect trouble from trying to access google. Something more inappropriate and maybe I'd get in trouble, but I do want to use google and considered using Air Proxy. Any thoughts?

Welshgadgets said...

Hi Juan,

Well what happened is that Watchguard is actually a content filter which sniffs the packets on your network. All web traffic is passed through this appliance. Not sure why they are blocking Google though, but with such filters - it could be the search phrase rather than the site - if you were googling for 'proxies' or something similar.

Because all basic web requests are in HTTP they are all clear text, therefore systems like Watchguard can analyse the data easily - they search the whole packet and check against the policies configured about what to allow. Simple proxies like Airproxy won't help you at all, because the URL is still visible in your data.

What you have to do to bypass systems like these is encrypt your data (so that the content filter can't read the URL you are visiting) - options are a VPN back to a home PC (and surf through this), SSH Encrypted tunnel as Identity Cloaker uses or you could try using TOR (which is a free application which encrypts your online connection - can be slow though)

Don't get yourself in trouble though, and check you're not breaking your firms security policies ;)