[quoted text, click to view]

Ajitesh,
nice to see you detailed your request in this new post :)

Basically a firewall can deny you access to web sites bythree different
methods:

1. Block any request for certain IPs
2. Evaluate your office clients HTTP requests every time are generated and
perform a comparison against a prohibited web sites database (so called
internet filtering talking about firewall action, so called content
analysis talking about firewall technology in place)
3. Specify which destination your machine (or you as user) can reach, and
prohibit any other destination.

In first two cases, both methods can be bypassed simply using a web
anonymous proxy. There are many online, free for a certain amount of
traffic volume (then you have to pay for more bandwidth), eventually
capable of hiding your real request inside an HTTPS request (to avoid
sniffers check or firewall content analysis).
Specifically in second case, some administrators, to avoid this behavior
and don't let company users walkaround firewall restrictions, put into
prohibited web sites database also this kind of web anonymous proxy sites,
so you cannot go directly for your destination and neither go for them. But
anonymous web proxies grow every day and it's very difficult to catalog and
block every of them.

In third case you cannot use this technique to avoid firewall restriction.
You should implement a personal web proxy on one resource administrator
allowed for you, but this become very complex when your resources allowed
are inside your company and not outside. Anyway this last method for block
company users is rarely used.

--

Alessandro Perilli
Security Consultant / Trainer

MCT - MCSE 2000 SECURITY - LINUX+
CCSI - CCSE 2000 - CCSE+ NG
CCNA - CIWP - CIWSA - CCA XP