A friend of mine keeps bugging me for an answer to this, and he's got me kind of curious.

He says that at work his company installed a sonic wall that blocks websites for content like porn, booze, violence, and in his case unfortunately, gun-related content like this forum. Whenever he'd go to a gun website a message would come on warning him that it was from the Sonic Wall stating the administrator had blocked that site due to "weapons" content and all that horseshit.

He figured out how to use a proxy server (WTF that is) and that worked for him for about a year.

Then he says that one day he forgot to use the proxy server and his browser pulled up the gun website he wanted. Shocked, he went to other gun websites and they came right up too.

He knows the company still has that same sonic wall, so he is baffled (and now I'm curious too) how he can suddenly get onto websites previously blocked by their company's sonic wall.

A friend of mine keeps bugging me for an answer to this, and he's got me kind of curious.

He says that at work his company installed a sonic wall that blocks websites for content like porn, booze, violence, and in his case unfortunately, gun-related content like this forum. Whenever he'd go to a gun website a message would come on warning him that it was from the Sonic Wall stating the administrator had blocked that site due to "weapons" content and all that horseshit.

He figured out how to use a proxy server (WTF that is) and that worked for him for about a year.

Then he says that one day he forgot to use the proxy server and his browser pulled up the gun website he wanted. Shocked, he went to other gun websites and they came right up too.

He knows the company still has that same sonic wall, so he is baffled (and now I'm curious too) how he can suddenly get onto websites previously blocked by their company's sonic wall.

I'd guess that the "Sonic Wall" settings were changed. These sorts of things are configurable. Someone changed the configuration.

"Sonic Wall" is a brand name for firewall/gateway type device.


---

@DG... simply imagine that someone told you that you could not dial a certain friends home phone number. So they place some software on your phone that when you dial that number it simply stops the call.

So... you get a "Proxy". You borrow someone's cell phone and make a call to your friend.

Computer wise we all have a phone number known as an IP address. So it's easy to determine the start and finish location numbers and allow or prevent them in software or hardware. Your connection goes through a router and it's usually done there so it's transparent to you.

So your phone 1.1.1.1 can't call your friend 2.2.2.2 because the router sits in the middle. The Proxy 3.3.3.3 is fine per your router because it's not your friends number. Once your message gets to the Proxy it is simply relayed to your friend. Proxy number change quite often and are hard to block.

The reason that you can now make calls directly to your friend from 1.1.1.1 to 2.2.2.2 is either because he changed his phone number to 4.4.4.4 OR your router stopped blocking 2.2.2.2. the latter happens quite often because it's rare to actually block a single number. So the "Router guy" blocks the "neighborhood" that your friend lives in and blocks *.*.*.2. Later he finds that some good guys live in that neighborhood and in the process of un-blocking those your friends number slips through.

As a real world example... You try to block China or Russia due to massive SPAM. Then you get an email one day that two of your best clients are in Russia and China so you have to start figuring ways to let them through. To complicate it further... the bad guys can "spoof" or fake the numbers of the good guys...

So bottom line... a myriad of potential reasons all of which are dynamic. Yesterdays reason and solution may not last until tomorrow.

Wow. Some interesting information. Not being very computer savvy my "pat" answer to my friend has been that some boss at his workplace wanted to look at gun-related sites too and "unblocked" that setting on the Sonic Wall.

Wow. Some interesting information. Not being very computer savvy my "pat" answer to my friend has been that some boss at his workplace wanted to look at gun-related sites too and "unblocked" that setting on the Sonic Wall.

That is most likely what happened.

These sorts of things may have discrete lists of blocked sites, or may do some textual analysis on what to block, but the end result is someone changed the configuration and probably because a boss was interested. The default out of the box was probably used before that happened.

So bottom line... a myriad of potential reasons all of which are dynamic. Yesterdays reason and solution may not last until tomorrow.

Well said.

That same situation occured at my office last year.

I work for a small company of less than 10 employees. An employee somehow got some kind of virus downloaded into the system, it created havoc with that person's computer. The IT geek was able to save the day. From that moment on, the boss aka the MAN had the IT dude put that Sonic wall crap on our server. I couldn't get on any gun forums including this one. It also blocked Facebook, Amazon, Ebay and a bunch of other non gun, non porn sites. It got to a point that even some work related website was blocked (electrical and lighting manufacturers). A few people complained that they couldn't access legitimate websites, so the MAN had the IT geek loosen the pipeline and allow things to flow more freely. Since then I've been able to access M4C and other gun forums. Facebook, porn and Ebay are still blocked though. I don't get on porn at work anyway, not that I'm some goody two shoes or anything, I just don't want to get in trouble with that shit, it's not worth it.

I just don't want to get in trouble with that shit, it's not worth it.

You're just not going to the right places. :lol:

You're just not going to the right places. :lol:

That's cold man.

I would say that even though the firewall has been loosened over the past few weeks or whatever; your friend still needs to stay off stuff that is verboten per company policy. In addition to an active firewall, our Internet traffic here at work is monitored and logged. My boss can request a look see at my web traffic just as he can my access card activity. Don't think that cause the firewall no longer blocks XYZ.com it's now OK to browse that way. Company policy is what dictates acceptable use for work equipment.

I would say that even though the firewall has been loosened over the past few weeks or whatever; your friend still needs to stay off stuff that is verboten per company policy. In addition to an active firewall, our Internet traffic here at work is monitored and logged. My boss can request a look see at my web traffic just as he can my access card activity. Don't think that cause the firewall no longer blocks XYZ.com it's now OK to browse that way. Company policy is what dictates acceptable use for work equipment.

He mentioned something about using a program called "C-Cleaner" or something like that. I guess it's supposed to remove all the "bad" cookies and everything. I think he's well aware that he should keep his surfing to a minimum.

Ok I deal with sonicwall's pretty often(as well as other business class setups). My first guess is that they didn't renew the content filtering service on it and it expired.

How the sonicwall works is it connects to a web account from sonicwall and downloads its licenses. Saves you from installing and tracking them yourself. Pretty simple setup. If you let something like the content expire though and it turns off.

The other ways that you whitelist ip's and your machine was given the address of someone who was whitelisted. You can also bypass it by logging into the sonicwall's admin console. Maybe someone logged in from your terminal?

@DG... simply imagine that someone told you that you could not dial a certain friends home phone number. So they place some software on your phone that when you dial that number it simply stops the call.

So... you get a "Proxy". You borrow someone's cell phone and make a call to your friend.

Computer wise we all have a phone number known as an IP address. So it's easy to determine the start and finish location numbers and allow or prevent them in software or hardware. Your connection goes through a router and it's usually done there so it's transparent to you.

So your phone 1.1.1.1 can't call your friend 2.2.2.2 because the router sits in the middle. The Proxy 3.3.3.3 is fine per your router because it's not your friends number. Once your message gets to the Proxy it is simply relayed to your friend. Proxy number change quite often and are hard to block.

The reason that you can now make calls directly to your friend from 1.1.1.1 to 2.2.2.2 is either because he changed his phone number to 4.4.4.4 OR your router stopped blocking 2.2.2.2. the latter happens quite often because it's rare to actually block a single number. So the "Router guy" blocks the "neighborhood" that your friend lives in and blocks *.*.*.2. Later he finds that some good guys live in that neighborhood and in the process of un-blocking those your friends number slips through.

As a real world example... You try to block China or Russia due to massive SPAM. Then you get an email one day that two of your best clients are in Russia and China so you have to start figuring ways to let them through. To complicate it further... the bad guys can "spoof" or fake the numbers of the good guys...

So bottom line... a myriad of potential reasons all of which are dynamic. Yesterdays reason and solution may not last until tomorrow.

Wow! as someone getting ready to start his 7th decade - I actually understood ALL of that. Very nice explanation, sir! (I'm a college prof, so I really aprreciate great explanations:)

john

He mentioned something about using a program called "C-Cleaner" or something like that. I guess it's supposed to remove all the "bad" cookies and everything. I think he's well aware that he should keep his surfing to a minimum.

cccleaner cleans the local machine. They will be looking at what he does from another machine. One that he can't see... but can see him..

Imagine his boss has a "party line" and can pick it up and listen to any worker at will as well as record the session. A wire tap... same thing.

cccleaner cleans the local machine. They will be looking at what he does from another machine. One that he can't see... but can see him..

Imagine his boss has a "party line" and can pick it up and listen to any worker at will as well as record the session. A wire tap... same thing.

Exactly. Even if you use the 3 pass DOD or 7 pass NSA overwrite options in CCleaner to erase your cookies, internet temp files, and history it's too late. If your company wants to know what content you've been viewing and how often, chances are they already know and won't be concerned with browsing your local machine for files.

We were blocked from social media sites for a while until a higher up realized it would be beneficial for our company to have a presence there.