2

My Institute uses Proxy Authentication for monitoring individual browsing activities. This usually means I need to enter my username and password for using any internet related things.

But recently I was using a virtual machine (Ubuntu on VMware) on my windows 7 and noted that I can browse inside the virtual machine without entering any password. I tested it again and again using a clean system to avoid the chance of password caching or saving.

How can this be possible ? I remember that the virtual network device is configured to use NAT. Even then this shouldn't be possible ryt?

What is happening behind? How can the authentication be strengthened to take care of such loop holes?

Jeffy
  • 21

1 Answers1

2

Two possibilities come to my mind (the second one being more likely):

1) It is possible that your proxy policy is configured solely for the browsers, but Internet access not limited (ie via Group Policy Objets if in a Windows domain). In this case, the browser would use the proxy but many other applications (including those running inside the virtual machine). This is surprising, because you'd normally filter HTTP traffic when providing a proxy within a network.

2) If your proxy authentication is done via some web inteface, even via Windows Domain Logon, or via some other Single Sign On strategy (ie. such as those implemented by appliances like Fortigate); then you may be on a system where your access rights are granted based on your dynamic IP. In such case, since your Virtual Machine network uses S-NAT, the source address will be the same and access will be granted once you've authenticated once. In this case, a proxy may or may not be necessarily configured in the browser options.

jjmontes
  • 3,586