The Grey Chronicles

2009.June.20

Blame The Browser!



Last Saturday afternoon, 13th June, the outgoing supervisor complained that Internet browsing have recently became a pain. He claimed he called earlier the corporate Information Technology experts, who suggested to install the newest version of Internet Explorer [IE] then assured that the Internet problems the workstation was having might just go away.

Last Friday, while on the last few minutes of the evening shift, I noticed after logging out of Yahoo Mail in Firefox, a new page was displayed—the kind of page I have never seen before. Assuming it was just a technical glitch, I ignored it and continued to log out of my Windows XP account, after ejecting the USB Kingston Traveller.

Acquiescing to the outgoing supervisor’s request, I installed IE 8.0 on the common supervisor workstation. The installation even offered downloads of IE security updates and a pre-scan to help remove specific, prevalent malicious software using the bundled Microsoft Windows Malicious Software Removal Tool. A shutdown was required. Waited about a few seconds, drumming my fingers all throughout, then the PC automatically restarted.

After the reboot, logged in as user with Administrative access, the Internet Explorer required initialization of personalized settings. Same settings were applied for the proxy numbers. Waited some more . . . and the Internet Explorer opened and automatically connected to Bing, the refurbished MSN! Clicking one of the page’s multitude hyperlinks, mostly redirected to access specific Microsoft web pages, the IE displayed an error page, almost similar to the one I saw the other night, the formatting style however was somewhat different.

The Error PageUnrelenting, I closed the IE web browser, I never like the interface anyway! Opened Firefox and supplied the same Bing URL, and sure thing the same Error Page! Attentively now, I read the error page which offered a short explanation, suggested a few things: refresh the page, check spelling, access from the link, plus some technical details. Anybody with enough web sense would ignore the suggestions. Refreshing the page will definitely NOT correct the error because the technical details described Error Code: 502 Proxy Error. The ISA Server denied the specified Uniform Resource Locator (URL) (12202). Meaning the URL, specifically in this case: http://www.microsoft.com/ was included in the blacklisted URLs filtered by the ISA Server. Neither the remaining two actions would do it: Checking the spelling, the URL is correct, and the address was not mistyped; nor the URL was accessed from a link, it was supplied and entered directly in the Firefox navigation toolbar.

The Error CodeTrying out one of the saved Firefox bookmarks, this time KB970238, the security update I failed to download when the Microsoft Security Bulletin was issued last 09 June, however, the same error message was displayed. Most Microsoft security updates and hotfixes are application files with the definitive .EXE as file extension. Downloading an archive file, a .ZIP, particularly an AntiVir virus definition file [VDF] proved to be no problem, though! Neither was a .DOC or .TXT and other text-based documents, but unfortunately NOT a .PDF file! Unfortunately, as in the past, there was no definitive Advisory from the IT department announcing to all corporate Internet users that such filters were now again in place. My proposal for an Information Security Policy almost a year ago had gone unnoticed or entirely ignored!

I remembered one time when the Internet Security Officer [InfoSec] deliberately filtered all the sites with the word “spy” on it. That was amusing, especially later in the week when most GSPI computers were infected by a persistent spyware! Nobody could help the Information Technology Department [ITD] curb complaints its Help Desk received, until one enterprising user, not this writer, downloaded at home an antispyware, brought it back to the office, deployed it plantwide and killed the spyware. A strongly-worded email asking, “have we conquered all the spywares in the world that we can safely filter out the research for ways to deal with spyware and prohibit downloading antispyware applications using corporate Internet” or words to that effect, was sent by this writer to the ISO’s department head, and the specific filters were immediately removed.

This time, trying for luck, I googled “Executive” and the searched links were filtered, too. Surmised it to say that the InfoSec might have filtered again files with filenames containing the phrase: “exe”! Researching Google for proxy settings, as the Technical Information cited, also resulted in a succession of the same Error Page, because the word proxy was always associated with web-based proxy server used to circumvent legitimate connection in a firewalled Internet. This is definitely one for the books, a typical example of the ID-ten-T Syndrome!

In the past, all bandwidth-intense downloads, i.e., .MP3, .AVI, .FLV, plus a host of multimedia extension and likewise access to the YouTube, or similar social-networking, chat, shopping or game sites were banned from corporate Internet server. Just to prove a point, I tried accessing YouTube and I was able to even download one particular video, an .AVI file. Thus, I concluded that maybe with the plant on shutdown, and only a few personnel on duty, the InfoSec opened access to the previously filtered extensions and web sites to download some new blockbuster movies, television episodes, and the like and enjoy social networking while officially on duty! Fortunately for the InfoSec, his Department Head is on indefinite leave after the plant shutdown.

Thus, the browser was innocent. Instead, blame the InfoSec afflicted with ID-ten-T Syndrome!


Notes:

Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 LicenseDisclaimer: The posts on this site does not necessarily represent any organization’s positions, strategies or opinions; and unless otherwise expressly stated, are licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License.

Advertisements

1 Comment »

  1. Funny IT admin you got there!

    Comment by MikeD. — 2009.June.24 @ 18:32 | Reply


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: