|
10-27-2003, 10:41 AM
|
#1 (permalink) |
|
Psycho
|
Easiest way to firewall tunnel ever
Hello again everyone. I recently made a post http://www.tfproject.org/tfp/showthr...threadid=31780 where I asked for assistance breaking through the firewall at my University. At the time, they had restricted only Direct Connect and other P2P programs like KaZaA. Well, on Friday, the bastards blocked Trillian, AIM, ICQ, and Yahoo Instant Messenger. This would not do.
I showed a few of the guys in my suite how to go about searching for proxy and socks forwarding programs, and one of them hit a gold mine. Allow me to share it with you. Check Proxy Professional (you can get it on download .com). This program gives the user a list of hundreds of external proxies that are completely anonymous. All you do is put the proxy info into your client program's proxy settings, and it should work. If you have to use a socks5 or socks4 proxy (depending on the program...KaZaA works that way only), download Socks2Http, and make that forward to the proxy, and then have the program forward to it. So by blocking all common communication programs, they pissed off all the computer nerds, and instead of being content to not download, now a ton of people are on KaZaA again. Heh. |
|
|
10-27-2003, 12:35 PM
|
#3 (permalink) |
|
beauty in the breakdown
Location: Chapel Hill, NC
|
Out of curiosity, what school is this? Also, what is the reasoning behind this? I can undertand their blocking P2P apps, as much as I disagree with it, but instant messaging applications seems pretty draconian.
__________________
"Good people do not need laws to tell them to act responsibly, while bad people will find a way around the laws." --Plato |
|
|
|
10-27-2003, 12:47 PM
|
#5 (permalink) |
|
Desert Rat
Location: Arizona
|
Wow thanks for the info. I'm stuck behind websense and I'm rather annoyed at being blocked from almost every site.
One question: Where I'm at, the use of kazaa is prohibited and if you're caught you get your ip taken away. If I use a proxy like you were talking about is it possible for them to track me using it?
__________________
"This visage, no mere veneer of vanity, is it vestige of the vox populi, now vacant, vanished, as the once vital voice of the verisimilitude now venerates what they once vilified. However, this valorous visitation of a by-gone vexation, stands vivified, and has vowed to vanquish these venal and virulent vermin vanguarding vice and vouchsafing the violently vicious and voracious violation of volition. The only verdict is vengeance; a vendetta, held as a votive, not in vain, for the value and veracity of such shall one day vindicate the vigilant and the virtuous. Verily, this vichyssoise of verbiage veers most verbose vis-à-vis an introduction, and so it is my very good honor to meet you and you may call me V." - V |
|
|
|
10-27-2003, 01:09 PM
|
#6 (permalink) | |
|
"Officer, I was in fear for my life"
Location: Oklahoma City
|
Quote:
|
|
|
|
|
10-27-2003, 04:01 PM
|
#7 (permalink) |
|
Psycho
|
It's unlikely that you'll get caught because tunnelling makes the traffic look like it's just normal web browsing. Be sure not to leave the program running overnight and crap though, or they'll definitely take notice.
sailor420: San Jose State University (California) |
|
|
|
10-27-2003, 05:18 PM
|
#8 (permalink) |
|
Loves my girl in thongs
Location: North of Mexico, South of Canada
|
And if i recall, in your origional post i pointed out that you don't pay your university enough to have a say in accessing anything besides port 80.
Sorry, but as long as your access is included in the cost of housing and subsidized by the university you have no right to complain about free internet access that you didn't pay full value for. I know it's not what you want to hear, but perhaps students at your school should propose a system to the IT dept where you could pay a higher service fee of around 60.00 to 75.00 a month for unfiltered access or not pay and only have port 80 access. In fairness to the schools, most universities end up picking up the tab on massive amounts of bandwidth hat after housing costs are subtracted, there is not enough left to cover.  ##edit## Oops, it was another poster asking about defeating port blocking that recived my first response.  The logic still stands though.
__________________
Seen on an employer evaluation: "The wheel is turning but the hamsters dead" ____________________________ Is arch13 really a porn diety ? find out after the film at 11. -Nanofever Last edited by arch13; 10-27-2003 at 05:37 PM.. |
|
|
|
10-27-2003, 07:17 PM
|
#9 (permalink) |
|
Insane
Location: Truro, Nova Scotia
|
Arch13 I dont fully agree with you that he does not pay the university enough. I agree with p2p sharing, as they can eat up a lot of bandwidth, but I mean hes paying a premium to stay in a small dorm room, I am SURE that the university has there asses covered for costs from the tuition and the room & board. I mean what kind of business people would they be if they didn't make money off there students.
|
|
|
|
10-27-2003, 09:11 PM
|
#13 (permalink) | |
|
Loves my girl in thongs
Location: North of Mexico, South of Canada
|
Quote:
The average cost of an OC3 is enormus for the line to simply continue to operate, nevermind that when you get to that size pipe your charged by the gig. there is no such thing as unlimited download on industrial connections like this. Lines like that are called level3 connections and run about 10,000 a month plus 15.00 a gig. The average student will eat about 1/2 a gig in a month from AIM, graphical web browsing, and email with attatchments. That means that a school of moderate size (~4000) will spend 40,000 a month on their connection. Dorms are where a school usually bleeds money made up from other sources as they provide unlimited utilities such as heat, water, and local phone service. Dorms also need to be rehabed about every 5 years for local code and livibility concerns as well. I know this because i happen to have sat on a colleges board of directors in the past as a student consultant. You then have to add in the data the schools deal in every day on that pipeline for such things as student files, their web page, and student email as well as any data from research and you can see how big the bandwidth bill for schools are. A genaeral rule of thumb for school IT depts is that if more than 60% of bandwidth is being saturated by students, services will be scaled back till that 60% goal is reached. other wise there may not be enough room for the schools needed data in the pipes. After many years of debate, my school moved to a system where you can pay $250.00 a semster for unblocked access with no questions asked, even for P2P since the school can claim that they simply acted as an isp in selling us a connection, much the same as other ISP's do in court when people such as the RIAA target a student. This unblocked access has it's own connection and does not share with the school. In my example, the school expressly tells us that they will comply with any supenas to identify us but are otherwise released from liability. If you choose not to pay, you can share the schools pipe and are blocked except for web browsing. The school even broke down the economic of the change for the students so that there could be no complaints. The point is that bandwidth is a sore issue for schools because they get accussed of having enough money when students don't know the economics and end up looking like the bad guy. even worse is if they cut back to far and a student claims they are stifling th flow of information and acting as a censor. for that reason many schools are hesitant to implament bandwidth caps, instaed blocking ports. I hope i've shed some light on the schools motivation. 
__________________
Seen on an employer evaluation: "The wheel is turning but the hamsters dead" ____________________________ Is arch13 really a porn diety ? find out after the film at 11. -Nanofever |
|
|
|
|
10-28-2003, 10:09 AM
|
#17 (permalink) | |
|
Insane
Location: Plugged In
|
Quote:
For example, block all traffic to: cs101.msg.sc5.yahoo.com Try Y! Messenger again. If it still works, do a netstat -a and see what other server it is connecting to. You'll get them all eventually. |
|
|
|
|
10-28-2003, 10:10 AM
|
#18 (permalink) |
|
Insane
Location: The Oposite, Inverse of Hell (Wisconsin)
|
arch that was probably me
 I understand that you don't support this, but here my opinion: We pay the school to live in this dorm. Living here means that we spend most of our time here, including much of our recreational time. I can understand limiting or restricting the use of P2P programs, and have no quarrel with that; hell, I support them in that area. But students need to have ways to spend their recreational time alone, after all, "idle hands are the devils... whatever". A bunch of bored students rarely results in a bunch of studying students. Rather, it results in noisy, anoying, messy, inconciderate students. |
|
|
|
10-28-2003, 10:26 AM
|
#20 (permalink) | |
|
Filling the Void.
Location: California
|
Quote:
 |
|
|
|
|
10-28-2003, 11:35 AM
|
#21 (permalink) |
|
Custom title.
Location: Denmark.
|
You might also want to try out httport from http://htthost.com
__________________
Signature 101 |
|
|
|
10-28-2003, 01:27 PM
|
#22 (permalink) | |
|
Loves my girl in thongs
Location: North of Mexico, South of Canada
|
Quote:
I do agree that blocking AIM is draconian in implamentation, and am a little suspicious as to if it being done or simply is a problem with the orgional posters AIM setup. I hope he confirms this on other computers before complaining. That being said, a school exists for it's students but also for self preservation. it's a two way street. No students, No school but also no school, no students. I think that if this is being blocked, a student colation representing a majority based on signatures or some other quantifiable method should come to the schoools IT board to discuss the issue. A ban on AIM file transfers while allowing AIM text (yup it's possible to implament) seems a reasonable compramise that still saves on bandwidth and stops file trading. Just as long as they disable that damn AIM .wav noise
__________________
Seen on an employer evaluation: "The wheel is turning but the hamsters dead" ____________________________ Is arch13 really a porn diety ? find out after the film at 11. -Nanofever |
|
|
|
|
10-28-2003, 01:34 PM
|
#23 (permalink) | |
|
Loves my girl in thongs
Location: North of Mexico, South of Canada
|
Re: Easiest way to firewall tunnel ever
Quote:
School IT dept practice traffic shaping and random packet captures to get a glimpse of traffic flow. In other words, the can still see that your downloading a program instaed of graphics and text based on the packet captures and they will eventually notice the bell curve in their traffic shaping charts that break bandwidth down by sub-net and IP. They'll probably ignore it if where talking an extra 50k connection or two in kazzaa for mp3's but they will not ignore a couple of 150k connections or if your eating a gig a week in traffic flow (which is computed bidirectionally, meaning what you send out is also counted in that 15.00 a gig.) Keep it reasonable.
__________________
Seen on an employer evaluation: "The wheel is turning but the hamsters dead" ____________________________ Is arch13 really a porn diety ? find out after the film at 11. -Nanofever |
|
|
|
|
10-28-2003, 04:18 PM
|
#24 (permalink) |
|
These pretzels are making me thirsty!!
Location: 105B
|
we had a similar problem with the whole bandwidth thing where they cut our bandwidth to practically nothing but just recently one of my room mates became the network administrator for the university he has set me and few of his other friends up with uncapped 100 lines instead of the capped 10s that everyone else still gets its pretty sweet
__________________
i miss K-Wise |
|
|
|
10-29-2003, 12:44 AM
|
#25 (permalink) |
|
Psycho
|
iktoweya, your friend could probably get in some seriously deep shit for that.
arch13, they did indeed block AIM access for all the residence halls. However a petition was made and access was granted to AIM again today. But yeah, whatever reasoning they had for it is beyond me. |
|
|
| Tags |
| easiest, firewall, tunnel |
|
|
