Thursday, July 1, 2010

Escaping the corporate or educational firewall, or 'how to play FarmVille from work'

Filed under: Internet, Security

Escaping the corporate or educational firewall, or 'how to play FarmVille from work'

by Sebastian Anthony (RSS feed) Jul 1st 2010 at 2:00PM

We've all been there. You're either at work or school or university and you desperately need to visit LiveJasmin -- or play FarmVille. But the computer won't let you! 'Page not found' it says. 404 my foot! You're being firewalled! You're being blackholed! You're being COCKBLOCKED!

Fortunately, in most non-enterprise cases (if you work at IBM, this guide probably won't work), networks are set up by technicians that don't know their RJ45 from their RJ14, their patch cable from their patch server, their silicon from their silicone -- in short, most corporate and educational networks are easy to break out of.

With this guide, you can be surfing Facebook, jacking off to Cam4 or playing World of Warcraft within 10 minutes. Some of the methods described are easy to pull off, and some will require technical expertise. Still, if you're reading this from work you've got plenty of time to blow, eh?


1. First, always try a proxy server, anonymizer or VPN

It's the oldest trick in the book, but more often than not it works. Basically, by re-routing your Internet requests via another computer, you might be able to avoid the corporate firewall.

There are two ways to go about proxying, depending on how draconian your administrator is:

  • Try one of the many Internet proxies/anonymizers -- in many cases, you can simply visit one of these sites, type in an address, and off you go. HideMyAss works well, Vtunnel is fantastic -- or simply hit up Free Proxies' huge listing and keep trying until you find one that works.
  • If your browser hasn't been locked down, it can be as simple as setting the Proxy Server in your settings -- Web browsers can all be setup to force communication via a proxy. Find an IP address from this list (or Google for 'free proxy list') and then configure your browser to use it. If you don't know how to set a proxy server, here's a comprehensive guide. (Chrome is Options > Under the Bonnet > Change proxy settings.)

    If you can't change your proxy settings, see step 3 below.

  • If you can install software, try a virtual private network (VPN) solution -- in most cases you can't install software on corporate or educational networks, but if you can, try the Free VPN.
Note: most of these solutions can also be used to watch BBC or Hulu TV streams from other countries!

2. Sometimes a brute force Babelfish or a direct IP address will save you

More often than not, administrators simply ban websites by name or keyword (every domain name with 'cam' in, for example). A proxy might work today, but it could be blocked tomorrow. If you only need access to the text of a site, Babelfish or Google Translate should be able to help you. Just type an address in and voilá! Make sure you translate from an obscure language into English, or it might refuse to work.

If your administrator has blocked the translation sites, you could always use a brute-force IP address approach. Visit this page, type in a host name ('www.google.com'), and then paste the resolved IP address into your Web browser. It might work, it might not -- and it probably won't work beyond the first page.

3. Try a portable standalone browser, like Firefox or Chrome!

Did you know that both Firefox, Chrome and Opera can run without being installed? You can put them on a USB stick [Firefox download, Chrome download, Opera download], slap it into the locked-down machine and simply run your browser from the stick. On the off-chance that USB sticks are disabled (some network administrators are mean bastards), you could download a standalone version of Firefox, Chrome or Opera straight to the computer.

In some cases the actual blocking is done by the installed browser, so using a portable version will completely circumvent the network's security. With a portable browser you are also completely free to set a proxy server, as described in step 1.

4. If portable browsers are disabled, try this disgusting little Notepad hack

This one was new to me, but hey, I'm all for weird and wonderful workarounds! Open Notepad (Start > Programs > Accessories > Notepad) and then File > Open. Paste your URL into the box usually reserved for filenames and press enter.

It usually takes a while -- and it won't work for every site -- but you just might end up with a Notepad full of HTML code! You can then save the file as 'whatever.html' (the .html is important) and open it in a regular Web browser, Microsoft Word, or any number of programs that understand HTML files.

5. If all else fails, try something truly heroic like Remote Desktop, VNC or an SSH tunnel

Sometimes a business or school computer is simply locked down too damn well. It's rare, but there are some network admins that are capable of running a tight ship. Hopefully you haven't got this far in the guide, but if you have, here are a couple of last-gasp efforts that might just work.

  • Remote Desktop -- this is for Windows users only. Enable Remote Access on your home computer by right clicking My Computer > Properties > Remote (or 'Remote settings'). The process varies a little from XP to 7 to Vista -- if you can't find it, use this FAQ.

    You will need to write down your home IP address (and you will probably have to set up port forwarding too).

    Then, from your work or school computer, run Start > Programs > Accessories > Remote Desktop Connection. Type in your home IP address, and pray that the network administrator hasn't blocked the port. (You can always change the port though. Try port 80!)

  • VNC -- this is like Remote Desktop, but cross-platform. It has both a server and a client component, just like Remote Desktop. There are many guides -- and many variations -- but this guide is enough to get you started.
  • SSH tunnelling -- of course I saved the best for last! This by far the hardest to set up -- and you'll need a colocated or dedicated server to pull it off -- but really, if SSH tunnelling doesn't work, you should congratulate your network administrator being more oppressive than a Korean god-emperor.

    This guide covers a Linux/Windows XP setup. Mac users can use this guide. Again, SSH tunnelling is not for the faint of heart!

* * *
If you have another method for circumventing a corporate or educational firewall, leave a comment!

Posted via email from ://allthings-bare

No comments:

Post a Comment