PDA

View Full Version : Proxy Bypass



blackbetty
24th July 2005, 09:36 PM
HELP!!!

They have blocked the msn ( i use adium to connect to msn) at boarding school leaving me out of touch with the rest of the world. many of my friends have downloaded a program called hopster. you basically install it and it bypasses it easily. I'm looking for something very similar to this. that won't require a lot of set up.

Any ideas would be much appreciated.

Cheers,

josh64
24th July 2005, 09:42 PM
i was under the impression that adium could tunnel proxies itself.

blackbetty
24th July 2005, 09:45 PM
can it? how?

josh64
24th July 2005, 10:54 PM
Adium -> Preferences -> Accounts -> [Account Name] -> Edit -> Proxy


Edit: Skipped a step :P

blackbetty
25th July 2005, 10:09 AM
so how do i use that proxy form to tunnel?

pardon my ignorance, i really dont understand this that much.

eyeLikeCarrots
25th July 2005, 12:07 PM
In the accounts tab of the adium preferences, enter the port of your proxy server as the port to connect to the messenger server on and then check the connect via http checkbox.

in the proxy tab enter the details for you proxy servers.. ask an admin if you dont know.

this one took me a while to figure out...

On-Site-Tec
25th July 2005, 04:00 PM
In the account options you can connect via HTTP rather than port 1863.

Would this work?

Ive never had a chance when ive had to try it. It would be ideal when i was back at school, The only open port was 80.

Matt

blackbetty
25th July 2005, 07:01 PM
im not quite sure which number to use because i normally use 8080 at the school but they've blocked that,, ive got to that proxy screen but im unsure what to put there.. i was under the impression that i would have to find a different port that would connect me to msn that hadnt been blocked by the school,, im very likely to be wrong though...

On-Site-Tec
25th July 2005, 07:10 PM
You would have to talk to the techs at school for the details. As they will depend on how they set up the network etc.

But its not a matter of finding out which ones they havent blocked, they would have blocked all of them, as there is no reason for school kids to use anything else than browse the web.

If they left any other ports open it would let anyone install p2p or chatting applications on the computers and well not only be distracted from their work but use up bandwidth.

I used to work with the techs at my school one day a week as an extra subject and its really locked down. From what they tell me its quite the same story at any other school sadly.

Become friends with the techs and they will let you know all the settings you need. ;)

Matt.

blackbetty
25th July 2005, 07:28 PM
haha,,

Our techs are the kinda people who will say no just because they can. They especially dont like me becuase Im using a mac on their PC orientated system. I just wish they would mac a Mac Hopster.

LCGuy
25th July 2005, 09:39 PM
blackbetty, i know how that goes....my Macs and I spent 5 years in the same sort of boarding school....it was evil....

josh64
25th July 2005, 10:42 PM
You just put in the proxy details of the normal proxy you use to access the web.

blackbetty
26th July 2005, 08:07 AM
i tried doing that and it's still doesnt connect. i wrote to the hopster people and he reckoned that he MIGHT mac a mac one but he's not sure. ill just wait for that i suppose.

eyeLikeCarrots
26th July 2005, 01:12 PM
http://www.ids.org.au/~jduckett/public_pics/foo/options.jpg

8080 is the port that out http proxy works on.

http://www.ids.org.au/~jduckett/public_pics/foo/proxy.jpg

see if this works for you, but I found the secret for here at UTAS was to just change the connect method to http and the target port number on the first tab. You have to match those settings of course on the proxy tab, in our case we have an authenticated proxy...

purana
26th July 2005, 02:28 PM
It's also possible the proxy wont allow you access either if they have it blocked from the proxy also.

You should get a free shell account somewhere and then setup an ssh tunnel to the free shell account and then tunnel your msn traffic over it. All you have to confirm is that you can ssh from your school to an outside box.

Sign up for a free shell on http://bur.st/ but confirm you can ssh to host sweep.bur.st first. Then we will know if your school allows ssh outbound.

EDIT:

If you can ssh, and do get a shell account. From a command tool issue the following;

ssh -D 10000 -C -l [username] shell.bur.st

[username] = your username you choose for your shell account.

Once this is connected and running... jump to your Adium application and change the proxy to be SOCK4 and then enter in the server/ip address as "localhost" and port "10000"

Basically this will tunnel your msn traffic out the ssh connection you made via port 10000 on localhost.

If you also wanted to http browse without being restricted by your schools proxy, setup your browser to use the same socks4 server after the ssh connection is up. host/server "localhost" & port "10000" (Then all your web browser stuff done will pass over that ssh link and work, bypassing the local http proxy)

For this to work, your school must allow outgoing ssh. Otherwise it won't work.

blackbetty
27th July 2005, 09:28 PM
apparently, our school server is very sophisticated and has blocked all outband ssh (although i must admit that i have no idea what any of that is but i showed our boarding house expert/nerd and he knew that it wasnt possible)

he says that he has no idea how hopster does it and that i'll have to keep looking for a way to do it. it has now become my mission to get throught this because i feel deprived on my comunicational right. ill keep researching...

purana
28th July 2005, 08:12 AM
Originally posted by blackbetty@Jul 27 2005, 09:28 PM
apparently, our school server is very sophisticated and has blocked all outband ssh (although i must admit that i have no idea what any of that is but i showed our boarding house expert/nerd and he knew that it wasnt possible)

he says that he has no idea how hopster does it and that i'll have to keep looking for a way to do it. it has now become my mission to get throught this because i feel deprived on my comunicational right. ill keep researching...
That said, your school is probably only blocking outbound ssh on the standard port of TCP/22.

My work does this, however it was easy to get around. The great thing about bur.st shell server is it accepts SSH on any port.

From within your school attempt a ssh connect to shell.bur.st on port TCP/443 (aka typically used for https), and it should connect. If it does, sign up for a bur.st account and use the command I said, however add the option on the end of "-p 443"

This works for me here at work, as when I do an ssh on port 443 to the bur.st shell, my work passes it thinking its a https request :)

Let us know how you go.

blackbetty
28th July 2005, 09:25 AM
thanks for all your help, ill get someone in the boarding house to help tonight.

ill let u know what happens.

purana
28th July 2005, 10:36 AM
Excellent, it should work. Soon find out :)

blackbetty
29th July 2005, 08:19 PM
We must admit that we are a bit confuse as to how we go about doing the whole ssh thing, i thought my friend understood it but even he is a bit confused as well.

Could you please explain a bit more as to what ssh is all about?

Im just going to get my friend to tell you what its about...
he writes...
Basically our school has a very limited internet connection. They use a corporate firewall solution, FireBox, and packet shaping hardware, Packeteer. When first implemented, all inbound and outbound traffic is blocked, until rules are put in place to allow use. They only allow use for the proxy server (8080), restricted smtp (25) and restricted ftp (21). All other ports are blocked and closed, hence, not used. Many students have been using the popular Hopster program to access msn lately, but it is beyond me as to how this program bypasses blocks.

So as you can see, he knows a hell of a lot more about it than i do but is none the less solutionless...

purana
9th August 2005, 11:41 AM
Can you use ssh to connect to host "shell.bur.st" on port 22 or port 443.

Let me know and we can take it from that..

From mac terminal you'd need to run the following command.

ssh shell.bur.st

or

ssh shell.bur.st -p 443

Which one works? if any?

If they work you should get a password prompt and a Welcome banner just above the password prompt.

blackbetty
11th August 2005, 08:30 AM
they work but the password that bur.st gave me when they created my account doesnt work. do i have to somehow change that? i tried the temporary password but that didnt work and tehn it gave me *name of my computer*@bur.st and asked for a password...

i did note that when i tried to type the password, not even stars came up,,, what am i doing wrong?

im starting to comprehend how this is working. i guess the thing to do after we get the msn to work would be to get terminal to do those commands every time you start up.

purana
11th August 2005, 08:36 AM
Which one of those commands worked, ie. which port can you ssh out on?

As to your password and it not working, best to speak with bur.st support and get it reset. I merely used bur.st as the example as its a ssh shell server that accepts ssh connects on any port, which means you can get around pretty much and sort of firewall.

Once you do get the connected after your password is sorted, refer back to my previous message for the command to issue, then configure your client to use the socks info I said, and it should work through the firewall while ever the ssh session is running.

Good luck. Its pretty easy :)

blackbetty
11th August 2005, 08:42 AM
the ssh shell.bur.st worked,,

but it is as if i wasnt even typing a password,,, the cursor wasnt moving along as i typed... i'll send them an email and see what they say.

blackbetty
11th August 2005, 12:54 PM
ok,, i have it working now,,, i had forgotten to put in a username... silly me... it workds now,, and i have the msm/adium working,,, couldnt get ichat to work but ill keep playing around with it,,,

as i said before, the thing to do now is to see if we can fix it so that terminal runs in the background everytime you start up and conects to this bur.st server...

i am ever greatfull for your help,,,