Site New Answers Search Boards ILM ILE Answers New Question New Questions New Poll Blog View Register Login

Website Blocked By SonicWall Filter

Message Bookmarked
Bookmark Removed
Anyone know of a way to get around this firewall? My access at home is via a school (wifi from across the street) and I cannot access ILX.

57 7th (calstars), Tuesday, 1 June 2004 19:04 (twenty years ago)

tunnel to an https proxy

TRON FIGHTS FOR THE USERS (ex machina), Tuesday, 1 June 2004 19:11 (twenty years ago)

if i was mooching free internet from a school, i'd be happy enough to give up ILX

chrisco (chrisco), Tuesday, 1 June 2004 19:18 (twenty years ago)

You know it HAS been kind of refreshing.

57 7th (calstars), Tuesday, 1 June 2004 19:22 (twenty years ago)

Jon would you mind giving me a start on tunneling to that proxy? thx

57 7th (calstars), Tuesday, 1 June 2004 20:13 (twenty years ago)

a start

TOMBOT, Tuesday, 1 June 2004 20:15 (twenty years ago)

Actually for https (not sure that's necessary always) you will want to change the "8080" in that link to a "443" or add SSL or SSH

TOMBOT, Tuesday, 1 June 2004 20:19 (twenty years ago)

does this work? i'm doing it off http://www.proxyone.com although it may be 10 hits per day only though on this site. but there are numerous others and this one doesn't require additional setup. although cookies may not work on some of these web proxies

ken c (ken c), Tuesday, 1 June 2004 20:25 (twenty years ago)

I found a bunch of sites with anonymous proxies (thanks tombot), and configured my browser to access the interweb through those proxies, but the firewall was still kicking my ass out. I spoke to an IT guy at work who said that I would have to figure out if the admins who set up the firewall left any ports open. Does this mean I should go into my proxy settings and incrememnt the ports? ie 8080 > 8081 > 8082 etc until I can connect?

57 7th (calstars), Wednesday, 2 June 2004 13:41 (twenty years ago)

If the firewall has locked up all the common proxy ports you might be SOL. Incrementing the ports doesn't sound like such a great idea, let me see if I can find some things out about that SonicWall Filter and help you out.

TOMBOT, Wednesday, 2 June 2004 13:46 (twenty years ago)

You aren't dealing with a traditional FW here, the port thing isn't the problem. According to the docs I just read the SonicWall does content and keyword-based filtering so an unencrypted proxy isn't going to do you any good. At this point try and go with Jon's suggestion and find a proxy that's encrypted - port 443, 1443, "encrypted proxy", so on and so forth. As long as the SonicWall can drill down through the traffic and read what you're doing it will keep blocking you.

I don't deal with content-filtering shit much of the time so YMMV.

TOMBOT, Wednesday, 2 June 2004 13:50 (twenty years ago)

thx tombot, for great justice

57 7th (calstars), Wednesday, 2 June 2004 14:05 (twenty years ago)

Haha, if i was your network admin and you even tried to bypass my proxy i'd find you and ban your ass.

Just a warning from a network admin.

Jarlr'mai (jarlrmai), Wednesday, 2 June 2004 15:15 (twenty years ago)

His network admin at work isn't the one at home.

HAMBURGER NEURON GROUP (ex machina), Wednesday, 2 June 2004 15:24 (twenty years ago)

http://www.nocrew.org/software/httptunnel.html

this is handy

HAMBURGER NEURON GROUP (ex machina), Wednesday, 2 June 2004 15:27 (twenty years ago)

yes handy for using Linux and needing to run telnet over port 8080 in a very inefficient fashion through a standard firewall

that thing sounds crufty as fuck, telnet tunnelled via HTTP sounds so horribly horribly wrong and awful, you realize telnet sends each letter you type as a separate packet? dear god

TOMBOT, Wednesday, 2 June 2004 16:26 (twenty years ago)

TOMBOT, yech that would suck for telnet and ssh. Keep in mind that server response data would be sent in larger packets though. And I believe that telnet uses a small TCP window size so that not too much will be on the wire at once. Thusly multiple keystrokes would be able to be coalesced into single packets if the window was full.

PS - http://sites.inka.de/sites/bigred/devel/tcp-tcp.html

HAMBURGER NEURON GROUP (ex machina), Wednesday, 2 June 2004 16:33 (twenty years ago)

You guys have totally lost me, but I will try the 'nocrew' link tonight at home. BTW the 'proxyone' site worked great, but free access is limited to 10 page views per 24 hrs.

57 7th (calstars), Wednesday, 2 June 2004 16:37 (twenty years ago)

that's a good link. at some point when I don't have to write documentation I will run that in the lab and see what it looks like on the wire and if we can get the IDS to catch it.

however the fact that the TCP over TCP thing was written by Olaf Titz is what really makes my day.

TOMBOT, Wednesday, 2 June 2004 16:41 (twenty years ago)

yea, the httptunnel thing won't be too useful without linux. do you have any friends with a fast connection?

HAMBURGER NEURON GROUP (ex machina), Wednesday, 2 June 2004 16:43 (twenty years ago)

one year passes...
damn you work network people! but I have gotten around you with the amazing p3r.net url you forgot to block!

kyle (akmonday), Monday, 27 June 2005 20:51 (nineteen years ago)

has anyone used this: http://tor.eff.org/cvs/tor/doc/tor-doc.html ?

It sounds simple enough!

kyle (akmonday), Tuesday, 28 June 2005 13:39 (nineteen years ago)

Yes and it rules.

THE JAMES DEAN OF THE OLD TESTAMENT (ex machina), Tuesday, 28 June 2005 21:37 (nineteen years ago)

so is the idea that I can set up one of these tor servers on my home machine, for instance; and then use that server as a proxy from my work computer?

kyle (akmonday), Tuesday, 28 June 2005 21:42 (nineteen years ago)

i'm assuming I can't just run tor as a client on my firewalled work computer and get outside of their filter

kyle (akmonday), Tuesday, 28 June 2005 21:43 (nineteen years ago)

Not really. What you probably want is to run the client at work. It acts as a proxy server and coordinates with the rest of the Tor network.

xpost!

You'd be surprised! It can be setup to connect using standard HTTP. Then the requests can be set to only use HTTPS. The traffic just looks like HTTPS traffic.

THE JAMES DEAN OF THE OLD TESTAMENT (ex machina), Tuesday, 28 June 2005 21:44 (nineteen years ago)

that is too awesome

kyle (akmonday), Tuesday, 28 June 2005 21:45 (nineteen years ago)

A thread about bypassing proxies, firewalls, routers, etc.

THE JAMES DEAN OF THE OLD TESTAMENT (ex machina), Tuesday, 28 June 2005 21:53 (nineteen years ago)

haha TOR kicks ass

kyle (akmonday), Wednesday, 29 June 2005 15:35 (nineteen years ago)

PWN PWN PWN. How is the speed. I have only ever used it over GPRS.

THE JAMES DEAN OF THE OLD TESTAMENT (ex machina), Wednesday, 29 June 2005 15:37 (nineteen years ago)

it was slow for the first connection and now it's unnoticable

kyle (akmonday), Wednesday, 29 June 2005 15:40 (nineteen years ago)


You must be logged in to post. Please either login here, or if you are not registered, you may register here.
Site New Answers Search Boards ILM ILE Answers New Question New Questions New Poll Blog View Register Login