Censorship In The Wild: A Measurement-based Analysis of Internet Filtering in Syria
|
|
|
- Christian Collins
- 10 years ago
- Views:
Transcription
1 Censorship In The Wild: A Measurement-based Analysis of Internet Filtering in Syria Emiliano De Cristofaro (University College London) Joint work with: A. Chaabane, T. Chen, A. Friedman, M. Cunche, D. Kaafar Tech Report: 1 / 24
2 Censorship Censorship: The practice of suppressing ideas and information that certain individuals, groups, or government officials may find objectionable, dangerous, or detrimental Often aims to restrict freedom of speech, control knowledge available to masses and enforce ethical/religious principles Internet proliferation has prompted increased electronic censorship Many countries worldwide have some Internet filtering programs See reports from, e.g., OpenNet Initiative, RWB, Freedom House Note that many Western countries (including UK, Australia, France, Italy) also perform non-negligible filtering 2 / 24
3 Motivation Research community has increasingly focused on studying Internet censorship and proposing countermeasures Alas, understanding of filtering processes is inherently limited as analysis is almost exclusively based on probing 1 Both challenging and risky to conduct active measurements 2 Only a limited number of requests can be observed, and only a limited view of policies is possible 3 Hard to assess the extent of the censorship Unsurprisingly, real-world datasets very hard to come by 3 / 24
4 Roadmap 2011 leak of 600GB logs from 7 Blue Coat SG-9000 proxies Deployed in Syria to monitor and filter Internet traffic at a country-scale a unique opportunity to provide a detailed snapshot of a real-world censorship ecosystem We present a measurement-based analysis of the Blue Coat logs, uncovering a relatively stealthy, yet quite targeted, censorship based on four main characteristics: 1 IPs blocking entire subnets 2 Domains blocking specific websites 3 Keywords denying all requests with a certain keyword 4 Category targeting specific content 4 / 24
5 The Dataset Leaked by Telecomix, a hacktivist group during OpSyria: action de surveillance de la censure d Internet en Syria 600 GB of logs from Blue Coat appliances (54GB compressed) Obtained from an unprotected FTP server Made publicly available by Telecomix 5 / 24
6 Blue Coat proxies SG-9000 model, used for filtering and proxying Used by the Syrian Telecommunications Establishment (STE) Installed between Internet backbone and Syrian network 6 / 24
7 Ethics Consideration Even though data was public, we are aware of its sensitivity, thus we: Encrypted all data (and backups) at rest Did not re-distribute the logs Never obtained/extracted users personal information, but only analyzed aggregated traffic statistics Obtained IRB approval from INRIA and NICTA Out of the scope to discuss ethics of leaked data for research purposes (see Egelman et al. s FC 11 panel) 7 / 24
8 Datasets Description and Notation 1/2 Table : Datasets description. Dataset Notation # Requests Period # Proxies Full D full 751,295,830 July 22-23,31, 2011 August 1-6, Sample (4%) D sample 32,310,958 July 22-23, 2011 August 1-6, User D user 6,374,333 July Denied D denied 47,452,194 July 22-23,31, 2011 August 1-6, Million Requests Covering 9 days, Summer 2011 Logs from 7 different Blue Coat appliances 8 / 24
9 Dataset Description and Notation 2/2 Table : Description of a few relevant fields from the logs. Field name Description cs-host Hostname or IP address (e.g., facebook.com) cs-uri-scheme Scheme used by the requested URL (mostly HTTP) cs-uri-port Port of the requested URL cs-uri-path Path of the requested URL (e.g., /home.php) cs-uri-query Query of the requested URL (e.g.,?refid=7&ref=nf fr& rdr) cs-uri-extension Extension of the requested URL (e.g., php, flv, gif,...) cs-user-agent User agent (from request header) cs-categories Categories to which the requested URL has been classified c-ip Client s IP address (removed or anonymized) s-ip The IP address of the proxy that processed the client s request sc-status Protocol status code from the proxy to the client (e.g., 200 for OK) sc-filter-result Content filtering result: DENIED, PROXIED, or OBSERVED x-exception-id Exception raised by the request (e.g., policy denied, dns error). Set to - if no exception was raised. 9 / 24
10 Classification Allowed (x-exception-id = - ): allowed and served (no exception) Denied (x-exception-id - ): not served, either due to network error or censorship 1 Censored (x-exception-id {policy denied, policy redirect}): based on censorship policy 2 Error (x-exception-id { -, policy denied, policy redirect}): due to network error Proxied (sc-filter-result = PROXIED): response is in the cache; request can be either allowed or denied 10 / 24
11 Exception statistics Table : Statistics of different decisions and exceptions in the D sample dataset. sc-filter-result x-exception-id Classification Sample (D sample ) OBSERVED Allowed 30,140,158 (93.28%) PROXIED (total) Proxied 151,554 (0.47%) DENIED (total) Denied 2,019,246 (6.25%) tcp error 947,083 (2.93%) internal error 636,335 (1.97%) invalid request 115,297 (0.36%) unsupported protocol 28,769 (0.09%) dns unresolved hostname Error 6,247 (0.02%) dns server failure 2,235 (0.01%) unsupported encoding 6 (0.00%) invalid response 1 (0.00%) policy denied 283,197 (0.88%) Censored policy redirect 76 (0.00%) 11 / 24
12 Top allowed and censored domains Table : Top-10 allowed Domains. Domain # Of Requests Percentage google.com 2.26M 7.51% gstatic.com 1.03M 3.44% xvideos.com 876, % facebook.com 769, % microsoft.com 740, % fbcdn.net 654, % windowsupdate.com 652, % google-analytics.com 553, % doubleclick.net 518, % msn.com 498, % ytimg.com 470, % mediafire.com 392, % yahoo.com 320, % Table : Top-10 censored Domains. Domain # Of Requests Percentage facebook.com 68, % skype.com 23, % metacafe.com % live.com 18, % google.com 18, % zynga.com 16, % yahoo.com 16, % wikimedia.org 13, % fbcdn.net 12, % ceipmsn.com 6, % conduitapps.com 5, % msn.com 3, % conduit.com 3, % 12 / 24
13 Types of censored requests % Of Request Streaming Media Search Engines Internet Services Content Server Portal Sites Games Instant Messaging Education/Reference General News Other NA Anonymizers Business Social Networking Software/Hardware Online Shopping Shareware/Freeware P2P/File Sharing Entertainment Government/Military Figure : Distribution of censored traffic (D sample ) using categories from McAfee s TrustedSource. NA denotes not available, and Other is used for categories with less than 1K requests. 13 / 24
14 Understanding the Censorship Censorship seems to be based on: 1 Category 2 URL 3 keywords 4 IP Two censorship actions: 1 Simple denied 2 Request redirection Analysis requires: Reverse engineering Identifying keywords/url/ips used to filter requests 14 / 24
15 Category-based Filtering Category-based Filtering: Relate to the cs-categories field (not McAfee s) Classification of the requested page Local database or online tool Only three categories found in the logs: Unknown; None; Blocked Site Blocked Site: A custom-made category Targets specific Facebook pages Triggers redirection of the request 15 / 24
16 URL and keyword based filtering I Table : Top-10 domains suspected to be censored (from D sample ). Domain Censored Allowed Proxied skype.com 23,558 (8.32%) 0 (0.00%) 39 (0.03%) metacafe.com 19,257 (6.80%) 0 (0.00%) 49 (0.03%) wikimedia.org 13,506 (4.77%) 0 (0.00%) 143 (0.09%).il 2,609 (0.92%) 0 (0.00%) 370 (0.24% ) amazon.com 2,356 (0.83%) 0 (0.00%) % aawsat.com 2,180 (0.77%) 0 (0.00%) 230 (0.15%) jumblo.com 1,158 (0.41%) 0 (0.00%) 0 (0.00%) jeddahbikers.com 907 (0.32%) 0 (0.00%) 5 (0.00%) islamway.com 702 (0.25%) 0 (0.00%) 16 (0.01%) badoo.com 614 (0.22%) 0 (0.00%) 25 (0.02%) Media sharing/ IM / Chat : skype.com, metacafe, wikimedia.org Social network: badoo.com Political/Religious/News: islamway.com, aawsat.com,... Shopping: amazon.com 16 / 24
17 URL and keyword based filtering II Table : The list of 5 keywords identified as censored (in D sample ). Keyword Censored Allowed Proxied proxy 194,539 (68.68%) 0 (0.00%) 1,106 (0.73%) hotspotshield 5,846 (2.06%) 0 (0.00%) 24 (0.02%) ultrareach 2,290 (0.81%) 0 (0.00%) 436 (0.29%) israel 2,267 (0.80%) 0 (0.00%) 25 (0.02%) ultrasurf 2,073 (0.73%) 0 (0.00%) 468 (0.31%) Filtering anti-censorship technologies and Israel Proxy triggers many false positives Facebook: like buttons, social plugins,... xhamster: ad proxy.php 17 / 24
18 IP-based filtering I Table : Censorship ratio for top censored countries in D IPv4. Country Censorship # Censored # Allowed Ratio (%) Israel ,191 72,416 Kuwait Russian Federation ,161 United Kingdom , ,387 Netherlands ,206 7,077,371 Singapore ,768 Bulgaria ,786 Israel is by far the most IP-based censored country 18 / 24
19 Social Media Censorship Table : Top-10 censored social networks in D sample. Social network # Censored # Allowed # Proxied facebook.com 68,782 (24.28%) 769,555 (2.55%) 3,942 (2.60%) badoo.com 614 (0.22%) 0 (0.00%) 25 (0.02%) netlog.com 438 (0.15%) 0 (0.00%) 100 (0.07%) linkedin.com 308 (0.11%) 7,019 (0.02%) 75 (0.05%) hi5.com 124 (0.04%) 9,301 (0.03%) 20 (0.01%) skyrock.com 117 (0.04%) 270 (0.00%) 3 (0.00%) twitter.com 7 (0.00%) 115,502 (0.38%) 585 (0.39%) livejournal.com 1 (0.00%) 818 (0.00%) 0 (0.00%) ning.com 1 (0.00%) 1,886 (0.01%) 5 (0.00%) last.fm 0 (0.00%) 1,777 (0.01%) 1 (0.00%) Censored: badoo.com, netlog.com Not censored : facebook.com, twitter.com, linkedin.com, / 24
20 Facebook Table : Top Facebook pages of the Blocked Site category in D full. Facebook page # Censored # Allowed # Proxied Syrian.Revolution Syrian.revolution syria.news.f.n.n ShaamNews fffm barada.channel DaysOfRage Syrian.R.V YouthFreeSyria sooryoon Freedom.Of.Syria SyrianDayOfRage Censored Facebook pages related to Syrian Revolution 20 / 24
21 Anti-censorship technology in use Tor Tor relays not censored Majority of the Tor traffic allowed Reportedly blocked in 2012 Proxies & VPN Peer-to-Peer Networks (e.g., BitTorrent) Used to download censored software, such as Skype Google Cache Used to access censored sites 21 / 24
22 Ethics Consideration (revisited) Even though data was public, we are aware of its sensitivity, thus we: Encrypted all data (and backups) at rest Did not re-distribute the logs Never obtained/extracted users personal information, but only analyzed aggregated traffic statistics Obtained IRB approval from INRIA and NICTA Out of the scope to discuss ethics of leaked data for research purposes (see Egelman et al. s FC11 panel) Our work provides an accurate view/comprehensive analysis of large-scale censorship, thus, can be beneficial to entities on either side of censorship, but: We believe it helps understand the technical aspects of an actual censorship ecosystem, underlying technologies, policies, etc... We hope it can facilitate the design of censorship-evading tools 22 / 24
23 Conclusion 1/2 Presented a measurement-based analysis of Internet filtering in Syria, based on 600GB worth of logs from 7 Blue Coat filtering proxies Provided a detailed, first-of-a-kind snapshot of Syrian censorship practices Uncovered the presence of a relatively stealthy yet quite targeted filtering, which relied on 1 IP addresses to block access to entire subnets 2 Domains to block specific websites 3 Keywords to target specific content 23 / 24
24 Conclusion 2/2 We discovered: Keyword-based censorship produces some collateral damage (e.g., blocking all requests w/ keyword proxy ) IM heavily censored Social media censorship limited to specific pages Some ill-configured rules Anti-censorship technologies going through Some rules blocked a lot of ads Filtering architecture has evolved since 2011 New appliances have been purchased Tor has been blocked Tech Report: (And don t forget PETS, 24 / 24
Censorship in the Wild: Analyzing Internet Filtering in Syria
Censorship in the Wild: Analyzing Internet Filtering in Syria Abdelberi Chaabane INRIA Rhône-Alpes Montbonnot, France Emiliano De Cristofaro University College London London, United Kingdom Terence Chen
Proxy Blocking: Preventing Tunnels Around Your Web Filter. Information Paper August 2009
Proxy Blocking: Preventing Tunnels Around Your Web Filter Information Paper August 2009 Table of Contents Introduction... 3 What Are Proxies?... 3 Web Proxies... 3 CGI Proxies... 4 The Lightspeed Proxy
Best Practices for Controlling Skype within the Enterprise > White Paper
> White Paper Introduction Skype is continuing to gain ground in enterprises as users deploy it on their PCs with or without management approval. As it comes to your organization, should you embrace it
Controlling SSL Decryption. Overview. SSL Variability. Tech Note
Controlling Decryption Tech Note Overview Decryption is a key feature of the PA-4000 Series firewall. With it, -encrypted traffic is decrypted for visibility, control, and granular security. App-ID and
LogLogic Blue Coat ProxySG Syslog Log Configuration Guide
LogLogic Blue Coat ProxySG Syslog Log Configuration Guide Document Release: September 2011 Part Number: LL600070-00ELS100000 This manual supports LogLogic Blue Coat ProxySG Release 1.0 and later, and LogLogic
Best Practices for Controlling Skype within the Enterprise. Whitepaper
Best Practices for Controlling Skype within the Enterprise Whitepaper INTRODUCTION Skype (rhymes with ripe ) is a proprietary peer-to-peer (P2P) voice over Internet protocol (VoIP) network, founded by
HTTPS HTTP. ProxySG Web Server. Client. ProxySG TechBrief Reverse Proxy with SSL. 1 Technical Brief
ProxySG TechBrief Reverse Proxy with SSL What is Reverse Proxy with SSL? The Blue Coat ProxySG includes the basis for a robust and flexible reverse proxy solution. In addition to web policy management,
Reverse Proxy with SSL - ProxySG Technical Brief
SGOS 5 Series Reverse Proxy with SSL - ProxySG Technical Brief What is Reverse Proxy with SSL? The Blue Coat ProxySG includes the functionality for a robust and flexible reverse proxy solution. In addition
ProxySG TechBrief Implementing a Reverse Proxy
ProxySG TechBrief Implementing a Reverse Proxy What is a reverse proxy? The Blue Coat ProxySG provides the basis for a robust and flexible Web communications solution. In addition to Web policy management,
IPv6/IPv4 Automatic Dual Authentication Technique for Campus Network
IPv6/IPv4 Automatic Dual Authentication Technique for Campus Network S. CHITPINITYON, S. SANGUANPONG, K. KOHT-ARSA, W. PITTAYAPITAK, S. ERJONGMANEE AND P. WATANAPONGSE Agenda Introduction Design And Implementation
Masters Project Proxy SG
Masters Project Proxy SG Group Members Chris Candilora Cortland Clater Eric Garner Justin Jones Blue Coat Products Proxy SG Series Blue Coat Proxy SG appliances offer a comprehensive foundation for the
SuperLumin Nemesis. Administration Guide. February 2011
SuperLumin Nemesis Administration Guide February 2011 SuperLumin Nemesis Legal Notices Information contained in this document is believed to be accurate and reliable. However, SuperLumin assumes no responsibility
Microsoft Internet Information Services (IIS)
McAfee Enterprise Security Manager Data Source Configuration Guide Data Source: Microsoft Internet Information Services (IIS) September 30, 2014 Microsoft IIS Page 1 of 11 Important Note: The information
LogLogic Blue Coat ProxySG Log Configuration Guide
LogLogic Blue Coat ProxySG Log Configuration Guide Document Release: September 2011 Part Number: LL600012-00ELS100001 This manual supports LogLogic Blue Coat ProxySG Release 1.0 and later, and LogLogic
Controlling Risk, Conserving Bandwidth, and Monitoring Productivity with Websense Web Security and Websense Content Gateway
Controlling Risk, Conserving Bandwidth, and Monitoring Productivity with Websense Web Security and Websense Content Gateway Websense Support Webinar January 2010 web security data security email security
Configuring SonicWALL TSA on Citrix and Terminal Services Servers
Configuring on Citrix and Terminal Services Servers Document Scope This solutions document describes how to install, configure, and use the SonicWALL Terminal Services Agent (TSA) on a multi-user server,
Pass Through Proxy. How-to. Overview:..1 Why PTP?...1
Pass Through Proxy How-to Overview:..1 Why PTP?...1 Via an SA port...1 Via external DNS resolution...1 Examples of Using Passthrough Proxy...2 Example configuration using virtual host name:...3 Example
Blue Coat Security First Steps Solution for Deploying an Explicit Proxy
Blue Coat Security First Steps Solution for Deploying an Explicit Proxy SGOS 6.5 Third Party Copyright Notices 2014 Blue Coat Systems, Inc. All rights reserved. BLUE COAT, PROXYSG, PACKETSHAPER, CACHEFLOW,
Secure Web Appliance. Reverse Proxy
Secure Web Appliance Reverse Proxy Table of Contents 1. Introduction... 1 1.1. About CYAN Secure Web Appliance... 1 1.2. About Reverse Proxy... 1 1.3. About this Manual... 1 1.3.1. Document Conventions...
The Challenges of Stopping Illegal Peer-to-Peer File Sharing
The Challenges of Stopping Illegal Peer-to-Peer File Sharing Kevin Bauer Dirk Grunwald Douglas Sicker Department of Computer Science University of Colorado Context: The Rise of Peer-to-Peer 1993-2000:
Barracuda Link Balancer Administrator s Guide
Barracuda Link Balancer Administrator s Guide Version 1.0 Barracuda Networks Inc. 3175 S. Winchester Blvd. Campbell, CA 95008 http://www.barracuda.com Copyright Notice Copyright 2008, Barracuda Networks
User Identification and Authentication
User Identification and Authentication Vital Security 9.2 Copyright Copyright 1996-2008. Finjan Software Inc.and its affiliates and subsidiaries ( Finjan ). All rights reserved. All text and figures included
Setting Up Scan to SMB on TaskALFA series MFP s.
Setting Up Scan to SMB on TaskALFA series MFP s. There are three steps necessary to set up a new Scan to SMB function button on the TaskALFA series color MFP. 1. A folder must be created on the PC and
Chapter 6 Virtual Private Networking Using SSL Connections
Chapter 6 Virtual Private Networking Using SSL Connections The FVS336G ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN provides a hardwarebased SSL VPN solution designed specifically to provide
Filter Avoidance and Anonymous Proxy Guard
March 21, 2011 Author: Audience: SWAT Team Evaluator Product: Cymphonix Network Composer EX Series, XLi OS version 9 Filter Avoidance and Anonymous Proxy Guard Filter Avoidance The award winning XLi technology
Single Pass Load Balancing with Session Persistence in IPv6 Network. C. J. (Charlie) Liu Network Operations Charter Communications
Single Pass Load Balancing with Session Persistence in IPv6 Network C. J. (Charlie) Liu Network Operations Charter Communications Load Balancer Today o Load balancing is still in use today. It is now considered
Deployment Guide Microsoft IIS 7.0
Deployment Guide Microsoft IIS 7.0 DG_IIS_022012.1 TABLE OF CONTENTS 1 Introduction... 4 2 Deployment Guide Overview... 4 3 Deployment Guide Prerequisites... 4 4 Accessing the AX Series Load Balancer...
Cisco Meraki MX products come in 6 models. The chart below outlines MX hardware properties for each model: MX64 MX64W MX84 MX100 MX400 MX600
MX Sizing Guide DECEMBER 2015 This technical document provides guidelines for choosing the right Cisco Meraki security appliance based on real-world deployments, industry standard benchmarks and in-depth
Monitoring Pramati Web Server
Monitoring Pramati Web Server 15 Overview This section describes how to monitor Pramati Web Server from the Console. You can monitor information regarding the running Default Server and Virtual Hosts,
F-Secure Messaging Security Gateway. Deployment Guide
F-Secure Messaging Security Gateway Deployment Guide TOC F-Secure Messaging Security Gateway Contents Chapter 1: Deploying F-Secure Messaging Security Gateway...3 1.1 The typical product deployment model...4
Portal Administration. Administrator Guide
Portal Administration Administrator Guide Portal Administration Guide Documentation version: 1.0 Legal Notice Legal Notice Copyright 2013 Symantec Corporation. All rights reserved. Symantec, the Symantec
McAfee Web Gateway 7.4.2
Release Notes Revision A McAfee Web Gateway 7.4.2 Contents About this release New features and enhancements Resolved issues Installation instructions Known issues Additional information Find product documentation
How to Gain Visibility and Control of Encrypted SSL Web Sessions >
White Paper How to Gain Visibility and Control of Encrypted SSL Web Sessions > Executive Summary Web applications (and their derivatives IM, P2P, Web Services) continue to comprise the overwhelming majority
SSL Enforcer Documentation
SSL Enforcer Documentation Introduction Install and Uninstall Getting Started Main Settings Options Log Introduction Today a vast majority of Internet activities like social networking, streaming videos,
Firewall Defaults, Public Server Rule, and Secondary WAN IP Address
Firewall Defaults, Public Server Rule, and Secondary WAN IP Address This quick start guide provides the firewall defaults and explains how to configure some basic firewall rules for the ProSafe Wireless-N
User Management: Traffic Control, Bandwidth, Schedule
9 CHAPTER User Management: Traffic Control, Bandwidth, Schedule This chapter describes how to configure role-based traffic control policies, bandwidth management, session and heartbeat timers. Topics include:
Installing and Configuring vcenter Support Assistant
Installing and Configuring vcenter Support Assistant vcenter Support Assistant 5.5 This document supports the version of each product listed and supports all subsequent versions until the document is replaced
iboss Secure Web User Manual Gateway
iboss Secure Web User Manual Gateway Note: Please refer to the User Manual online for the latest updates at www.iboss.com. Copyright by iboss, Inc. All rights reserved. No part of this publication may
Firewalls, IDS and IPS
Session 9 Firewalls, IDS and IPS Prepared By: Dr. Mohamed Abd-Eldayem Ref.: Corporate Computer and Network Security By: Raymond Panko Basic Firewall Operation 2. Internet Border Firewall 1. Internet (Not
User Guide. You will be presented with a login screen which will ask you for your username and password.
User Guide Overview SurfProtect is a real-time web-site filtering system designed to adapt to your particular needs. The main advantage with SurfProtect over many rivals is its unique architecture that
Lab 12.1.7 Configure and Test Advanced Protocol Handling on the Cisco PIX Security Appliance
Lab 12.1.7 Configure and Test Advanced Protocol Handling on the Cisco PIX Security Appliance Objective Scenario Estimated Time: 20 minutes Number of Team Members: Two teams with four students per team
MaaS360 Mobile Enterprise Gateway
MaaS360 Mobile Enterprise Gateway Administrator Guide Copyright 2013 Fiberlink Communications Corporation. All rights reserved. Information in this document is subject to change without notice. The software
Preparing for GO!Enterprise MDM On-Demand Service
Preparing for GO!Enterprise MDM On-Demand Service This guide provides information on...... An overview of GO!Enterprise MDM... Preparing your environment for GO!Enterprise MDM On-Demand... Firewall rules
Check Point submitted the SWG-12600 Secure Web Gateway for
Key findings and conclusions: Lab Testing Summary Report September 213 Report 1382 Product Category: Web Security Gateway Vendors/Products Tested: Secure Web Gateway BlueCoat Proxy SG3-5 Appliance Websense
USG40HE Content Filter Customization
USG40HE Content Filter Customization This guide is designed to help with the setup of the ZyWALL s content filtering feature. Supported Devices USG40HE Firmware version 4.10(AALA.0) or later Overview Content
MaaS360 Mobile Enterprise Gateway
MaaS360 Mobile Enterprise Gateway Administrator Guide Copyright 2014 Fiberlink, an IBM Company. All rights reserved. Information in this document is subject to change without notice. The software described
Comprehensive IP Traffic Monitoring with FTAS System
Comprehensive IP Traffic Monitoring with FTAS System Tomáš Košňar [email protected] CESNET, association of legal entities Prague, Czech Republic Abstract System FTAS is designed for large-scale continuous
How To Protect Your Network From Attack From A Virus And Attack From Your Network (D-Link)
NetDefend Firewall UTM Services Unified Threat Management D-Link NetDefend UTM firewalls (DFL-260/860) integrate an Intrusion Prevention System (IPS), gateway AntiVirus (AV), and Web Content Filtering
Using TestLogServer for Web Security Troubleshooting
Using TestLogServer for Web Security Troubleshooting Topic 50330 TestLogServer Web Security Solutions Version 7.7, Updated 19-Sept- 2013 A command-line utility called TestLogServer is included as part
Cisco Meraki MX products come in 6 models. The chart below outlines MX hardware properties for each model: MX60 MX60W MX80 MX100 MX400 MX600
MX Sizing Guide MARCH 2014 This technical document provides guidelines for choosing the right Cisco Meraki security appliance based on real-world deployments, industry standard benchmarks and in-depth
Symantec Event Collector 3.6 for Blue Coat Proxy Quick Reference
Symantec Event Collector 3.6 for Blue Coat Proxy Quick Reference Symantec Event Collector for Blue Coat Proxy Quick Reference The software described in this book is furnished under a license agreement
Configuring the WT-4 for ftp (Ad-hoc Mode)
En Configuring the WT-4 for ftp (Ad-hoc Mode) Mac OS X Introduction This document provides basic instructions on configuring the WT-4 wireless transmitter and a Mac OS X (10.5.2) ftp server for transmission
User Guide. Cloud Gateway Software Device
User Guide Cloud Gateway Software Device This document is designed to provide information about the first time configuration and administrator use of the Cloud Gateway (web filtering device software).
Investment Management System. Connectivity Guide. IMS Connectivity Guide Page 1 of 11
Investment Management System Connectivity Guide IMS Connectivity Guide Page 1 of 11 1. Introduction This document details the necessary steps and procedures required for organisations to access the Homes
EAGLE EYE IP TAP. 1. Introduction
1. Introduction The Eagle Eye - IP tap is a passive IP network application platform for lawful interception and network monitoring. Designed to be used in distributed surveillance environments, the Eagle
Websense Web Security Solutions. Websense Web Security Gateway Websense Web Security Websense Web Filter Websense Express Websense Hosted Web Security
Web Security Gateway Web Security Web Filter Express Hosted Web Security Web Security Solutions The Approach In the past, most Web content was static and predictable. But today s reality is that Web content
Introduction to Computer Security Benoit Donnet Academic Year 2015-2016
Introduction to Computer Security Benoit Donnet Academic Year 2015-2016 1 Agenda Networking Chapter 1: Firewalls Chapter 2: Proxy Chapter 3: Intrusion Detection System Chapter 4: Network Attacks Chapter
How the Great Firewall discovers hidden circumvention servers. Roya Ensafi David Fifield Philipp Winter Nick Weaver Nick Feamster Vern Paxson
How the Great Firewall discovers hidden circumvention servers Roya Ensafi David Fifield Philipp Winter Nick Weaver Nick Feamster Vern Paxson Much already known about GFW Numerous research papers and blog
ProxySG TechBrief Enabling Transparent Authentication
ProxySG TechBrief Enabling Transparent Authentication What is Transparent Authentication? Authentication is a key factor when defining a web access policy. When the Blue Coat ProxyxSG is configured for
Chapter 3 Security and Firewall Protection
Chapter 3 Security and Firewall Protection This chapter describes how to use the basic firewall features of the ADSL2+ Modem Router to protect your network. Firewall Settings You can set up the ADSL2+
Netsweeper Whitepaper
Netsweeper Inc. Corporate Headquarters 104 Dawson Road Suite 100 Guelph, ON, Canada N1H 1A7 CANADA T: +1 (519) 826 5222 F: +1 (519) 826 5228 Netsweeper Whitepaper Deploying Netsweeper Internet Content
642 523 Securing Networks with PIX and ASA
642 523 Securing Networks with PIX and ASA Course Number: 642 523 Length: 1 Day(s) Course Overview This course is part of the training for the Cisco Certified Security Professional and the Cisco Firewall
DEPLOYMENT GUIDE Version 1.2. Deploying the BIG-IP System v10 with Microsoft IIS 7.0 and 7.5
DEPLOYMENT GUIDE Version 1.2 Deploying the BIG-IP System v10 with Microsoft IIS 7.0 and 7.5 Table of Contents Table of Contents Deploying the BIG-IP system v10 with Microsoft IIS Prerequisites and configuration
loss-tolerant and time sensitive loss-intolerant and time sensitive loss-intolerant and time insensitive
CS326e Quiz 5 The first correct 10 answers will be worth 1 point each. Each subsequent correct answer will be worth 0.2 points. Circle the correct answer. UTEID The transfer of an html file from one host
Detecting rogue systems
Product Guide Revision A McAfee Rogue System Detection 4.7.1 For use with epolicy Orchestrator 4.6.3-5.0.0 Software Detecting rogue systems Unprotected systems, referred to as rogue systems, are often
A D M I N I S T R A T O R V 1. 0
A D M I N I S T R A T O R F A Q V 1. 0 2011 Fastnet SA, St-Sulpice, Switzerland. All rights reserved. Reproduction in whole or in part in any form of this manual without written permission of Fastnet SA
Web Security Firewall Setup. Administrator Guide
Web Security Firewall Setup Administrator Guide Web Security Firewall Setup Guide Documentation version: 1.0 Legal Notice Legal Notice Copyright 2013 Symantec Corporation. All rights reserved. Symantec,
iboss Secure Web Gateway User Manual
iboss Secure Web Gateway User Manual SWOCA Delegated Administration Note: Please refer to the User Manual online for the latest updates at www.iboss.com. Copyright by iboss, Inc. All rights reserved. No
Step-by-Step Configuration
Step-by-Step Configuration Kerio Technologies C 2001-2003 Kerio Technologies. All Rights Reserved. Printing Date: December 17, 2003 This guide provides detailed description on configuration of the local
Barracuda Load Balancer Online Demo Guide
Barracuda Load Balancer Online Demo Guide Rev 1.3 October 04, 2012 Product Introduction The Barracuda Networks Load Balancer provides comprehensive IP load balancing capabilities to any IP-based application,
NetSpective Content Filter User Guide
NetSpective Content Filter User Guide Copyright 2002-2013 by TeleMate.Net Software, LLC. All rights reserved Although the author and publisher have made every effort to ensure that the information in this
Web Application Firewall
Web Application Firewall Getting Started Guide August 3, 2015 Copyright 2014-2015 by Qualys, Inc. All Rights Reserved. Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks
Working With Virtual Hosts on Pramati Server
Working With Virtual Hosts on Pramati Server 13 Overview Virtual hosting allows a single machine to be addressed by different names. There are two ways for configuring Virtual Hosts. They are: Domain Name
NETWORKS AND THE INTERNET
NETWORKS AND THE INTERNET Outline to accompany the slide presentation 1. Networks and the Internet A Primer for Prosecutors and Investigators 2. Getting There From networks to the Internet Locating a place
Kerio WinRoute Firewall Features Summary and Simple Setup Guide (for version 6.x)
Kerio WinRoute Firewall Features Summary and Simple Setup Guide (for version 6.x) Network setup and KWF installation/administration Before Installing Manual TCP/IP configuration on the firewall host DHCP
Citrix Receiver for Mobile Devices Troubleshooting Guide
Citrix Receiver for Mobile Devices Troubleshooting Guide www.citrix.com Contents REQUIREMENTS...3 KNOWN LIMITATIONS...3 TROUBLESHOOTING QUESTIONS TO ASK...3 TROUBLESHOOTING TOOLS...4 BASIC TROUBLESHOOTING
Application Detection
The following topics describe Firepower System application detection : Overview:, page 1 Custom Application Detectors, page 7 Viewing or Downloading Detector Details, page 15 Sorting the Detector List,
WEBTITAN CLOUD. User Identification Guide BLOCK WEB THREATS BOOST PRODUCTIVITY REDUCE LIABILITIES
BLOCK WEB THREATS BOOST PRODUCTIVITY REDUCE LIABILITIES WEBTITAN CLOUD User Identification Guide This guide explains how to install and configure the WebTitan Cloud Active Directory components required
ANALYSIS. wikia.com. YOUR NAME & SLOGAN Call Me: +11-223-444-5556
ANALYSIS wikia.com -- YOUR NAME & SLOGAN Content MOBILE DEVICES Mobile optimisation GOOGLE SEARCH RESULT LIST PREVIEW DOMAIN / URL AUDIT NUMBER OF SOCIAL MEDIA SHARES META DATA SEO AUDIT: CONTENT ANALYSIS
ZyWALL USG ZLD 3.0 Support Notes
2012 ZyWALL USG ZLD 3.0 Support Notes CSO ZyXEL 2/1/2012 Scenario 1 - Reserving Highest Bandwidth Management Priority for VoIP Traffic 1.1 Application scenario In an enterprise network, there are various
Fasthosts Internet Parallels Plesk 10 Manual
Fasthosts Internet Parallels Plesk 10 Manual Introduction... 2 Before you begin... 2 Logging in to the Plesk control panel... 2 Securing access to the Plesk 10 control panel... 3 Configuring your new server...
DameWare Server. Administrator Guide
DameWare Server Administrator Guide About DameWare Contact Information Team Contact Information Sales 1.866.270.1449 General Support Technical Support Customer Service User Forums http://www.dameware.com/customers.aspx
Chapter 15. Firewalls, IDS and IPS
Chapter 15 Firewalls, IDS and IPS Basic Firewall Operation The firewall is a border firewall. It sits at the boundary between the corporate site and the external Internet. A firewall examines each packet
This presentation discusses the new support for the session initiation protocol in WebSphere Application Server V6.1.
This presentation discusses the new support for the session initiation protocol in WebSphere Application Server V6.1. WASv61_SIP_overview.ppt Page 1 of 27 This presentation will provide an overview of
The old Internet. Software in the Network: Outline. Traditional Design. 1) Basic Caching. The Arrival of Software (in the network)
The old Software in the Network: What Happened and Where to Go Prof. Eric A. Brewer UC Berkeley Inktomi Corporation Local networks with local names and switches IP creates global namespace and links the
DEPLOYMENT GUIDE Version 2.1. Deploying F5 with Microsoft SharePoint 2010
DEPLOYMENT GUIDE Version 2.1 Deploying F5 with Microsoft SharePoint 2010 Table of Contents Table of Contents Introducing the F5 Deployment Guide for Microsoft SharePoint 2010 Prerequisites and configuration
Content Filtering Client Policy & Reporting Administrator s Guide
Content Filtering Client Policy & Reporting Administrator s Guide Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your system. CAUTION: A CAUTION
A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.
A firewall is a software- or hardware-based network security system that allows or denies network traffic according to a set of rules. Firewalls can be categorized by their location on the network: A network-based
How To Upgrade To Symantec Mail Security Appliance 7.5.5
Release notes Information Foundation 2007 Symantec Mail Security Appliance 7.5 Copyright 1999-2007 Symantec Corporation. All rights reserved. Before installing or upgrading: Migration issues If you are
Application Note. Onsight Connect Network Requirements v6.3
Application Note Onsight Connect Network Requirements v6.3 APPLICATION NOTE... 1 ONSIGHT CONNECT NETWORK REQUIREMENTS V6.3... 1 1 ONSIGHT CONNECT SERVICE NETWORK REQUIREMENTS... 3 1.1 Onsight Connect Overview...
Configuring the WT-4 for ftp (Ad-hoc Mode)
En Configuring the WT-4 for ftp (Ad-hoc Mode) Windows XP Introduction This document provides basic instructions on configuring the WT-4 wireless transmitter and a Windows XP Professional SP2 ftp server
Lab Testing Summary Report
Lab Testing Summary Report February 14 Report 132B Product Category: Web Security Gateway Vendor Tested: Key findings and conclusions: security appliance exhibits best rate to date, 91.3%, for classifying
Product Guide Revision A. McAfee Web Reporter 5.2.1
Product Guide Revision A McAfee Web Reporter 5.2.1 COPYRIGHT Copyright 2012 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee, the McAfee logo, McAfee Active Protection, McAfee
BorderWare Firewall Server 7.1. Release Notes
BorderWare Firewall Server 7.1 Release Notes BorderWare Technologies is pleased to announce the release of version 7.1 of the BorderWare Firewall Server. This release includes following new features and
Module 6. Designing and Deploying External Access. MVA Jump Start
Module 6 Designing and Deploying External Access MVA Jump Start Module Overview Conferencing and External Capabilities of Lync Server 2013 Planning for IM and Presence Federation Designing Edge Services
FortiBalancer: Global Server Load Balancing WHITE PAPER
FortiBalancer: Global Server Load Balancing WHITE PAPER FORTINET FortiBalancer: Global Server Load Balancing PAGE 2 Introduction Scalability, high availability and performance are critical to the success
Flow Analysis Versus Packet Analysis. What Should You Choose?
Flow Analysis Versus Packet Analysis. What Should You Choose? www.netfort.com Flow analysis can help to determine traffic statistics overall, but it falls short when you need to analyse a specific conversation
V Series Rapid Deployment Version 7.5
V Series Rapid Deployment Version 7.5 Table of Contents Module 1: First Boot Module 2: Configure P1 and N interfaces Module 3: Websense Software installation (Reporting Server) Module 4: Post installation
