bypass School Internet Filters

Robert Paulson [hazorz]
11 years ago | edited 11 years ago

0

I’m not the best with introductions so I guess ill just get right into it, I did some research in Proxies and Web filters and this is what I have found.

**De-filters**[/center] These are websites which take a URL, and collect the content for you. The work because the filters only see you downloading data from an unblocked website (the de-filter); the connection to the banned site is from another external web server so it doesn't pass through your schools filters. These are some good de-filter websites: www.defilter.co.uk www.lazyfoo.co.uk www.browserunblocker.net These are just a few of the hundreds of de-filter websites revealed by a quick google search. Where possible, tick the box that turns on some kind of encryption. This prevents the IT department seeing what sites you gave unblocked. Also, sites that use the HTTPS protocol are even harder to be caught with. However, de-filter sites do not always unblock active content such as flash, or videos so they are not perfect. If you find a good de-filter, don't give it to anyone because it will soon spread round the school, and end up blocked. **Using a new proxy**[/center] Most school filters work by directing all traffic through a proxy server, which scans URLs for blocked keywords. Internet Explorer uses the system wide proxy for HTTP. However, FireFox can have its own proxy set. Firefox will route all traffic through the open proxy server, avoiding using banned keywords in the URL. This traffic will then be sent through the filter proxy by the operating system, but will not be blocked if all has worked well. 1) Get a copy of FireFox on a memory stick. It's best to use the portable version available here because it wont leave evidence of running FireFox on the main system hard drive. This version also remembers your bookmarks, passwords etc. 2) Set up FireFox to a proxy. Open the Tools menu, then click Options. Then click the Connection Settings button in the resultant window. Click the radio button for "Manual proxy configuration", and fill in relevant proxies/port numbers. A list of free proxies and port numbers is available here. Now, all should work as planned. [center]**Creating your own proxy** If you have a computer at your own home that's connected to the internet, you can use software such as Psiphon to act as a proxy between your school's and your home's connection. Once you have the software installed and a proxy set up, you can use the URL it provides (typically just the user's home IP address) and paste it into your school's browser. At this point, you would enter the password you set up to access the proxy and begin browsing. User-created Psiphon proxies are much more difficult to block than public proxies, as the connection comes from a user's home computer, rather than a public web site. Besides this, most ISPs give home connections dynamic IP addresses, meaning that any one user's home proxy will change its IP address every now and then, adding an additional layer of difficulty in tracking them. [center]**HTTPS**

This is the most simple of them all but sometimes does not to work. It’s as simple as just adding an S on to the http. so lets say for example http://www.facebook.com/ you would change it to https://www.facebook.com/

this does not go under the category of a hack it is just something that I thought would be interesting to share with those that want to bypass a Schools Internet security. enjoy!

*Admin: Original source is http://howto.wired.com/wiki/Bypass_School_Internet_Filters*

As I walk through the valley of the shadow of death, I will fear no evil, for I am the Evilest mother fucker in the God damn valley.

James Singh [cpn1000]
11 years ago | edited 11 years ago

0

THAT IS AWESOME!!! This should be published!!!!!!!!!!!!!

“When you die I will laminate you’re skeleton and pose you in the lobby.”
Veni Vidi Vici

Luke [flabbyrabbit]
11 years ago

0

@hazorz how much research did you have to do? Learn to copy and paste?

James Singh [cpn1000]
11 years ago

0

More than you have ever learned fatrabbit :p

“When you die I will laminate you’re skeleton and pose you in the lobby.”
Veni Vidi Vici

p2
11 years ago | edited 11 years ago

0

https://hidemyass.com often works in schools.

If school server running on linux, computers can boot with linux OR windows, it might be the same as in my school:
HTTPS isn’t blockable in the firewall.
all HTTPS-sites are blocked here:
C:\Windows\System32\drivers\etc\HOSTS.
just delete the list of blocked websites, save document and restart firefox. Then it isn’t blocked in HTTPS anymore ;)
*even https://www.facebook.com/ maybe won’t work if it’s blocked there!

Miep…

p2
11 years ago

0

For everyone who doesn’t know it:
If CMD is blocked on school computers, just write the commands nito a .bat fail and execute it!

And if everything fails, buy yourself an internet stick xD>>

Miep…

daMage
11 years ago

0

[quote=p2]HTTPS isn’t blockable in the firewall[/quote]
My bullshit sense is tingling

daMage

CygnusH33L
11 years ago

0

Unfortunately it’s true for some school filters DaMage well cache filters at least . It depends on how the filter works, some like what p2 is talking about cannot block HTTPS for example the RM SmartCache cannot block HTTPS. I tried before when we used this and it ended up blocking the whole schools internet… Yes they loved me for it :)

I could be wrong but I believe this happens because the web pages are cached then served from the cache rather than being downloaded again, therefore when viewing a page via a secure connection the cache does not store it and allows access and also bypasses URL/word filters. Please correct me if I’m wrong :D

A cache is designed to store pages visited by its users. The process of storing web pages is known as ‘caching’. This means that once a page has been visited it is saved in the cache’s memory and hard drive, so that when a page is next requested, it can be served from the local cache rather than the Internet. There are major benefits that schools can gain by having an RM SmartCache.

I would love to change the world, but they won’t give me the source code.

daMage
11 years ago

0

RM SmartCache != Firewall

The “problem” with https is that you can’t see what is the dns name of the web site someone is accessing, because that information is also encrypted. But you can see the ip addresses and if someone claims to have a firewall that can’t block connections by ip-address, I can only say that they don’t have a firewall.

daMage

CygnusH33L
11 years ago

0

This makes sense, I have noticed a lot of schools that I have worked in use cache filters and not firewalls due to price and with authorities and the government lowering school budgets I don’t see this changing soon.

I would love to change the world, but they won’t give me the source code.

p2
11 years ago

0

my teacker gave up trying to block internet, because I always found a way to go onto facebook and other sites.
after giving up, he once told me, that my ways of getting onto fb only work, because he ccannot block https-sites except using hte HOSTS-document.

Miep…

oussamabnbn
11 years ago

0

in my school , there are some port disable , thats why i cant download using torrent or play some online games
is there any sollution to confuse the server?
i used VPN method using “frozen way” software, it works but the connection is too slow

p2
11 years ago

0

try using a fast proxy.
Some good ones are on hidemyass.com
that should already work ;)

Miep…

abarxix
10 years ago

0

changing DNS server might also works in place where openDNS(or similar) is used !!!!!

DaGr8Kornolio
10 years ago

0

A little bit more information to clarify…

The hosts file is present in every computer running TCP/IP (you can even see it on android…). It’s not related to protocols and it is only use to resolve domain name to IP address. No matter what protocol you use (ICMP, FTP, HTTP, etc.), every time you ask for a server name, you computer will first look there to resolve it. Then it will look in the local dns and then in external dns…

It’s possible to block a web site by entering something like “0.0.0.0 www.facebook.com” (no wildcard). But except if your school doesn’t have a local dns server… there is no reason to struggle maintaining hundreds of hosts files. Especially if users can change it so easily. The same entry in the local dns server would do the same and it’s easier to maintain. Yet, it’s still better to block this in the proxy/firewall server than in the dns server. No matter how poor your school is, you should (or not) talk about linux to the IT guy…

NOTE: If you can hack the hosts file, you should rather use this to redirect everyone that wanna use facebook to your own web site so you can steal their passwords! ;) Mouhahaha

Secundo, I don’t know how great is our proxy server but we can inspect every request sent no matter what protocol is used (except if we allow VPN connection), SSL included. I clearly see the server name and I doubt it’s relying on reverse dns… Since the proxy is between the client and the web server (impersonating the client), I think it’s possible to see the flow…

Finally, except if you are directly NATed to the outside, I doubt that any admin will allow dns traffic to pass through the proxy/firewall server…

With that said, I must say that the original post give pretty good advice. Especially about creating your own proxy server… But use a strong password or I might want to use it myself! ;)

DaGr8

Just because I am paranoid doesnt mean theyre not after me…

![Image](/users/images/100/1:1/57b50e96d99557.11210619.png)