Bypassing Corperate & College Firewalls

<strong>Legal Stuff:</strong>

This will almost certainly violate rules at your workplace/college. Use at own risk.

Please note this will not work on Microsoft ISA Server Proxy as httptunnel doesn't support NTLM Authentication
The Problems:


  1. TCP Ports for your favourite programs (ssh, vnc, irc, ftp...) are blocked

  2. Your favourite websites are blocked by a proxy
    (You could use a web proxy, but maybe its messing up logins to complex sites)

  3. Non-http servers on port 80 are blocked by a proxy


Fear not! In the interests of free speech, and just in case you're curious, I will explain how

The Plan:

First, we need to encapsulate (tunnel) TCP/IP connections to a port into HTTP requests. This can be done with programs that encode it into form POST requests. It won't be speedy, but it will work

Now we have a port opened, we need encryption. Also it would be nice to have multiple ports. We can do this by running SSH through the tunnel. (And as a bonus you get password protection, server admin and file transfers)

The Testbed:

This setup was tested on my home LAN with an Ubuntu 6.10 Edgy server and a Windows XP Pro SP2 Client.

I hope to test this in a college environment soon.

How to set up the home server:

The server is the computer that is running at home. It has full internet access and will be the PC that you connect to, to circumvent the firewalls.

These instructions are for Ubuntu Edgy Eft 6.10

First, we need to install the server applications. This only has to be done once

sudo apt-get install openssh-server httptunnel privoxy

Open a terminal and check that the ssh server is running by:
ssh localhost

Type 'yes' to RSA Fignerprints.

You should be prompted for a password. Type it.

Check everything works then type exit to leave ssh.

If you have a router at home:


  1. Log in (try http://192.168.0.1 or http://192.168.1.1 http://192.168.2.1)
    The default login details are usually User: admin Password: admin

  2. Find the Port Forwarding/Virtual Servers section

  3. Forward port 80 TCP to your LAN IP
    (You can find your LAN IP by typing ifconfig)


If you have a dynamic IP, consider getting a DynDNS or NO-IP address

(Instructions for DynDNS coming soon)

Starting the server Programs

This must be done every time the server is booted. Instructions for this to happen automatically on boot-up coming soon.

sudo hts --forward-port localhost:22 80
sudo /etc/init.d/privoxy start

Now incoming tunnelled data is sent to Privoxy HTTP Proxy in the SSH server

Setting up the college client files:

This should work on Windows 2000/XP
If your college allows it, I recommend using a USB stick to run this off. If not, find another way.

Extract this prepared zip into your USB Stick tunnel-client-01.zip

Edit settings.bat with Notepad
Using it in College:

Edit your IE Settings under Tools > Options to match the settings below (click to enlarge)
config-ie.JPG

In the unlikely event that your college uses Firefox, heres what to do. (Click to enlarge)

config-firefox.JPG

Alternatively, you could have download Firefox Portable and extract it onto your USB stick. Then you could always have a preconfigured version of Firefox to hand.
Plug in USB Stick

Run _Step1.bat to start the HTTP tunnel to the home server
Run _Step2.bat to start SSH through this tunnel. VNC and HTTP Proxy ports will be forwarded.

To VNC into your server, go in the TightVNC folder and open vncviewer.
Connect to localhost:1

To let the server VNC into you, go in the TightVNC folder and open allow-incoming-vnc.reg then open winvnc. It'll appear in the system tray

Can't run .reg files? do this instead


  1. Open WinVNC

  2. Double click its icon in system tray

  3. [Advanced..] Button

  4. [tick] Allow loopback connections


The server cannow vnc you by connecting to :1 or localhost:1
Miranda Portable can be used for IM. Instructions coming soon

Anything that works in HTTP Tunnels should work.

Also, since SSH is encrypted, your website will be transfered as garbage and thus websites with blocked keywords should also get through.

The only thing that is logged are conenctions to your home server (byut not whats in them)
Also, any port can be forwarded in Settings.bat
DNS *should* also be tunnelled, so websites with blocked URLS shoudl get through

Prolems:

First, it'll be amazingly slow
Second, your home PC needs to be on!!!

More to come later (maybe a Windows Server Version, Full SOCKS Support, Privoxy Configuration)!
Bibliography:

http://sebsauvage.net/punching/
http://www.neophob.com/serendipity/index.php?/archives/85-GNU-HTTPtunnel-v3.3-Windows-Binaries.html
http://www.nocrew.org/software/httptunnel/faq.html
http://thinkhole.org/wp/2006/05/10/howto-secure-firefox-and-im-with-putty/
http://www.privoxy.org/
http://aptgetanarchy.org/tor

Posted 11th December 2006 in Computer, with 0 comments

Digg!

comments


  1. (optional)