|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: InfoSec News (alerts
infosecnews.org)
Date: Tue May 04 2010 - 00:44:06 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
http://news.techworld.com/security/3222227/glype-proxy-may-not-cloak-your-identity/
By Jeremy Kirk
Techworld.com
30 April 10
A widely used proxy service thought to provide anonymous Web surfing and
used to skirt network administrator bans on access to sites like
Facebook frequently reveals sensitive information about its users,
according to a Swiss security researcher.
Glype is a small bit of PHP code that routes requests for Web pages
through other Web pages running its software, said the researcher, who
runs the Swiss Security Blog and the Zeus Tracker project. He prefers to
remain anonymous.
The Glype code allows someone to, for example, access Facebook at work
even if that page is blocked, as it appears the traffic is coming from
the Web page running the proxy. Many companies now block sites such as
Facebook.
Glype's code is free, and anyone can install it on their Web page. But
Glype is frequently misconfigured, the researcher said. It allow someone
running a Glype proxy to turn on a log, which shows the IP (Internet
protocol) address of the user, what site they requested and the time.
[...]
_______________________________________________
Best Selling Security Books and More!
Shop InfoSec News
http://www.shopinfosecnews.org/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]