Outsmart your college/office FIREWALL now....

05 October, 2009 | | 1 comments |

Share |
Are you miffed with the Systems Administrator blocking all your downloads and the so-very-important social networking sites like Orkut, Facebook, LinkedIn, etc and Torrent clients in your college or company ... ?

If yes, then just read on and crack the LOGIC behind the BARRIER and harness the same LOGIC to KILL it. Colleges/Organizations usually have a SQUID firewall installed on their Linux Server through which all your HTTP requests get parsed. Such extra-ordinary and powerful is this piece of software that it deserves a blog on it. Here are some of the salient features of SQUID firewall from knowledge point-of-view:

  • It can populate all hosts currently on the N/W with their N/W statistics like the last request they made for a particular link and so on.
  • Specific permissions can be granted and revoked to hosts on the N/W based on their IP, Subnet Mask, port, etc.
  • Basically all HTTP requests are routed through the SQUID firewall so it can censor all URL's which the hosts demand. Specific keywords like xxx, orkut, game, facebook, s*x can be blacklisted so the URL's will be blocked.
  • File level access-lists can also be defined to block/allow certain formats like '.exe', '.avi', '.wmv', etc.
I'm sure by now you've understood why you get the 'Permission denied' or 'Access denied' warning when downloading files with the above mentioned formats or while surfing through URL's which contain keywords which are banned. Excellent logic right .. ? But do not forget that there is another part of the world who live to challenge this piece of software and the citizens here also have their own band of followers including me. :)

So now that we're through with the LOGIC let's work to reverse-engineer it. At first glance this challenge might look really invincible but that's the way challenges are supposed to be right ... ? Let's risk an attempt and than we'll decide our own fate.

1] SQUID firewall like I had emphasized above screen the URL's of hosts. So the very obvious solution is that we need something to encode them. Let's move further.

2] Assuming URL's are encoded than what about my file downloads which I have to download? OK so let's make an exception in this case or say an 'if else' clause comes into picture if you're kind of an programming freak. So if files are there in the URL than they should be rendered as they are.

3] Furthermore, there may be more constraints as well which may have been defined at the SQUID firewall by the developers and kept secret, so to escape that you need to route your traffic through a completely different channel than the conventional one.


Now to apply all of the above points either you can use a service provided VIA a web-site or VIA a desktop application. You can also setup your browser to do the above (not all of the above but it may do the trick in some cases).

  • There are web-sites available which can come to your rescue like www.avoidr.com, www.123hideip.com, www.forextail.co.cc, www.netbypasser.info, etc. These are proxy web-sites which offer free service to you. Just paste the link in the web-site and OFF YOU GO. You can search for more on Bing for better results.
  • You can use desktop Apps. like UltraSurf to so the same. You can download more Apps. of the same subject Here under the 'Hacking and Sniffing Tools' section.
  • You can also setup your browser's N/W configuration to manual with the following settings:
HTTP Proxy IP : 192.168.0.201 Port : 3128
Use the above settings for all possible protocols like SOCKS, SSL, FTP, etc.


Note:
  • Apps. and certain web-sites have their own restrictions like files exceeding 20 MB in size cannot be downloaded.
  • Beware while searching for results which include keywords like 'Proxy' coz the keywords might themselves be banned by your Admin.
  • You can use the same technique of setting up your N/W configuration using a HTTP proxy IP and proxy port with Torrent clients like uTorrent, BitComet, Bear-Share, Limewire, etc. The settings are available beneath any of the menu-items so be patient. You can get more proxy IP's and ports Here and Here.
  • SQUID firewall usually are installed on UNIX/Linux but it's equivalent on Windows platform also work on the same LOGIC so the above SOLUTION is applicable even there.

1 comments:

لاعبه الجمباز said...


Hi everyone
I would like to share this program with you
~~I wasel~~
After trying this software i think that i have to share it .
I wasel allows you to open any blocked sites u can imagine.
It also changes your ip address free to choose between 6 servers.
It also unblocks the Skype, Paltalk and everything.
You can use it on your cell phone.
I think you have to try it
Go download it now
http://www.mowasl.com
www.kuwaitvpn.com
http://www.omanvpn.com/
http://www.bahrainvpn.com