|
Easiest way to firewall tunnel ever
Hello again everyone. I recently made a post http://www.tfproject.org/tfp/showthr...threadid=31780 where I asked for assistance breaking through the firewall at my University. At the time, they had restricted only Direct Connect and other P2P programs like KaZaA. Well, on Friday, the bastards blocked Trillian, AIM, ICQ, and Yahoo Instant Messenger. This would not do.
I showed a few of the guys in my suite how to go about searching for proxy and socks forwarding programs, and one of them hit a gold mine. Allow me to share it with you. Check Proxy Professional (you can get it on download .com). This program gives the user a list of hundreds of external proxies that are completely anonymous. All you do is put the proxy info into your client program's proxy settings, and it should work. If you have to use a socks5 or socks4 proxy (depending on the program...KaZaA works that way only), download Socks2Http, and make that forward to the proxy, and then have the program forward to it. So by blocking all common communication programs, they pissed off all the computer nerds, and instead of being content to not download, now a ton of people are on KaZaA again. Heh. |
Thanks for the info, I'll try it out...
|
Out of curiosity, what school is this? Also, what is the reasoning behind this? I can undertand their blocking P2P apps, as much as I disagree with it, but instant messaging applications seems pretty draconian.
|
dang sounds like they went a bit overboard... and thanks for the tip for the proxy
|
Wow thanks for the info. I'm stuck behind websense and I'm rather annoyed at being blocked from almost every site.
One question: Where I'm at, the use of kazaa is prohibited and if you're caught you get your ip taken away. If I use a proxy like you were talking about is it possible for them to track me using it? |
Quote:
|
It's unlikely that you'll get caught because tunnelling makes the traffic look like it's just normal web browsing. Be sure not to leave the program running overnight and crap though, or they'll definitely take notice.
sailor420: San Jose State University (California) |
And if i recall, in your origional post i pointed out that you don't pay your university enough to have a say in accessing anything besides port 80.
Sorry, but as long as your access is included in the cost of housing and subsidized by the university you have no right to complain about free internet access that you didn't pay full value for. I know it's not what you want to hear, but perhaps students at your school should propose a system to the IT dept where you could pay a higher service fee of around 60.00 to 75.00 a month for unfiltered access or not pay and only have port 80 access. In fairness to the schools, most universities end up picking up the tab on massive amounts of bandwidth hat after housing costs are subtracted, there is not enough left to cover. :rolleyes: ##edit## Oops, it was another poster asking about defeating port blocking that recived my first response. :) The logic still stands though. |
Arch13 I dont fully agree with you that he does not pay the university enough. I agree with p2p sharing, as they can eat up a lot of bandwidth, but I mean hes paying a premium to stay in a small dorm room, I am SURE that the university has there asses covered for costs from the tuition and the room & board. I mean what kind of business people would they be if they didn't make money off there students.
|
Obviously I agree with Vanquish.
|
How does one block YIM? I've been able to block everything BUT that. The crap goes out over port 80 if it can't find another type of connection.
|
Wow dude, you're smart.
HARHARHAR...=D |
Quote:
The average cost of an OC3 is enormus for the line to simply continue to operate, nevermind that when you get to that size pipe your charged by the gig. there is no such thing as unlimited download on industrial connections like this. Lines like that are called level3 connections and run about 10,000 a month plus 15.00 a gig. The average student will eat about 1/2 a gig in a month from AIM, graphical web browsing, and email with attatchments. That means that a school of moderate size (~4000) will spend 40,000 a month on their connection. Dorms are where a school usually bleeds money made up from other sources as they provide unlimited utilities such as heat, water, and local phone service. Dorms also need to be rehabed about every 5 years for local code and livibility concerns as well. I know this because i happen to have sat on a colleges board of directors in the past as a student consultant. You then have to add in the data the schools deal in every day on that pipeline for such things as student files, their web page, and student email as well as any data from research and you can see how big the bandwidth bill for schools are. A genaeral rule of thumb for school IT depts is that if more than 60% of bandwidth is being saturated by students, services will be scaled back till that 60% goal is reached. other wise there may not be enough room for the schools needed data in the pipes. After many years of debate, my school moved to a system where you can pay $250.00 a semster for unblocked access with no questions asked, even for P2P since the school can claim that they simply acted as an isp in selling us a connection, much the same as other ISP's do in court when people such as the RIAA target a student. This unblocked access has it's own connection and does not share with the school. In my example, the school expressly tells us that they will comply with any supenas to identify us but are otherwise released from liability. If you choose not to pay, you can share the schools pipe and are blocked except for web browsing. The school even broke down the economic of the change for the students so that there could be no complaints. The point is that bandwidth is a sore issue for schools because they get accussed of having enough money when students don't know the economics and end up looking like the bad guy. even worse is if they cut back to far and a student claims they are stifling th flow of information and acting as a censor. for that reason many schools are hesitant to implament bandwidth caps, instaed blocking ports. I hope i've shed some light on the schools motivation.:p |
Damn you and your kind splooge! (I'm only kidding....chances are I'll end up an IT guy)
And everyone, please say hi to my sassy girlfriend. |
hi sassy
|
If I had 100Mb access to an OC-3, just understand folks, I would be expensive. ;)
-SF |
Quote:
For example, block all traffic to: cs101.msg.sc5.yahoo.com Try Y! Messenger again. If it still works, do a netstat -a and see what other server it is connecting to. You'll get them all eventually. |
arch that was probably me :D
I understand that you don't support this, but here my opinion: We pay the school to live in this dorm. Living here means that we spend most of our time here, including much of our recreational time. I can understand limiting or restricting the use of P2P programs, and have no quarrel with that; hell, I support them in that area. But students need to have ways to spend their recreational time alone, after all, "idle hands are the devils... whatever". A bunch of bored students rarely results in a bunch of studying students. Rather, it results in noisy, anoying, messy, inconciderate students. |
Quote:
...but my name is not sassy. |
Quote:
|
You might also want to try out httport from http://htthost.com
|
Quote:
I do agree that blocking AIM is draconian in implamentation, and am a little suspicious as to if it being done or simply is a problem with the orgional posters AIM setup. I hope he confirms this on other computers before complaining. That being said, a school exists for it's students but also for self preservation. it's a two way street. No students, No school but also no school, no students. I think that if this is being blocked, a student colation representing a majority based on signatures or some other quantifiable method should come to the schoools IT board to discuss the issue. A ban on AIM file transfers while allowing AIM text (yup it's possible to implament) seems a reasonable compramise that still saves on bandwidth and stops file trading. Just as long as they disable that damn AIM .wav noise:rolleyes: |
Re: Easiest way to firewall tunnel ever
Quote:
School IT dept practice traffic shaping and random packet captures to get a glimpse of traffic flow. In other words, the can still see that your downloading a program instaed of graphics and text based on the packet captures and they will eventually notice the bell curve in their traffic shaping charts that break bandwidth down by sub-net and IP. They'll probably ignore it if where talking an extra 50k connection or two in kazzaa for mp3's but they will not ignore a couple of 150k connections or if your eating a gig a week in traffic flow (which is computed bidirectionally, meaning what you send out is also counted in that 15.00 a gig.) Keep it reasonable.:rolleyes: |
we had a similar problem with the whole bandwidth thing where they cut our bandwidth to practically nothing but just recently one of my room mates became the network administrator for the university he has set me and few of his other friends up with uncapped 100 lines instead of the capped 10s that everyone else still gets its pretty sweet
|
iktoweya, your friend could probably get in some seriously deep shit for that.
arch13, they did indeed block AIM access for all the residence halls. However a petition was made and access was granted to AIM again today. But yeah, whatever reasoning they had for it is beyond me. |
Kazaa, IRC and BitTorrent are blocked at my school. Although as alternates I use a different port for IRC and use Ares for music. Stops most people but not the resourceful.
|
| All times are GMT -8. The time now is 01:54 PM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0 PL2
© 2002-2012 Tilted Forum Project