sophos

How To Access Blocked Sites Using Google Web Cache, And How To Prevent It With Sophos UTM

by

Scott Glew

Scott Glew

I thought I’d show you a simple way people can potentially access blocked sites using Google’s Web Cache, and how you can use Sophos UTM to prevent it.

Google crawls, indexes and caches all websites on the Internet in its mission to organize the world's information. What you may not know is that you can access Google's cached copy of any website using a simple cache: directive in the Google search box. This includes websites that your company, school or organization is actively blocking with URL filtering.

In the video above, I demonstrate how to use Google's Web Cache to access YouTube.com after creating a web filter policy in Sophos UTM to block it.

The technique is quite simple. Go to google.com and enter cache: followed by the site you want to access. For example:

Access YouTube Through Google Web Cache

Link: cache:https://www.youtube.com

Because content is retrieved the webcache.googleusercontent.com domain, it does not match any URL filters you have defined, such as YouTube.com in my example.

After investigating the allowed traffic using Fastvue Sophos Reporter, I discovered that Sophos UTM was categorizing the webcache.googleusercontent.com domain as Anonymizing Utilities, and blocking that category was the best way to prevent the bypass technique.

Watch the video for more information, such as the effect of using Application Control to block YouTube through the Google Web Cache.

I hope this helps! If you found this useful, let me know in the comments!

Take Fastvue Reporter for a test drive

Download our FREE 30-day trial, or schedule a demo and we'll show you how it works.

  • Share this story
    facebook
    twitter
    linkedIn

How to Configure Multiple Site-to-Site SSL VPNs with Sophos UTM

This article illustrates how to configure site-to-site SSL VPNs for a multi-hop, Grandparent, Parent, Child network using Sophos UTM.
Sophos

Deploying Endpoint Protection with Sophos UTM and Enterprise Console

This article explains how to deploy Sophos Endpoint Protection's Web Control module using Sophos UTM and Sophos Enterprise Console (SEC) policies.
Sophos