PDA

View Full Version : need proxy



gunnut
10 Nov 14,, 22:20
Sonuvabitch...work firewall block access to Calguns.net, saying it's "weapons" site. Well, yes, it is about weapons. It's also about ammo too, with off topic forum and a market place.

Looks like I have to use a proxy.

Well...shit! Proxy was also blocked.

Fuck...I have to setup a proxy server at home to access shit that I want to see. Browsing on the phone is just too slow and bad for my eyes.

:mad:

Native
10 Nov 14,, 22:32
hehe

bolo121
11 Nov 14,, 01:31
proxy and ssh tunneling at work = fired

gunnut
11 Nov 14,, 02:44
proxy and ssh tunneling at work = fired

Yeah but all I'm doing is hitting an IP in the residential area.

bolo121
11 Nov 14,, 03:59
Doesn't matter, if you are bypassing corporate firewall its an automatic violation.
In most cases people get fired.

gunnut
11 Nov 14,, 19:35
How would they find out?

bolo121
12 Nov 14,, 00:46
I don't know the details but at my current client company's US office we heard that someone was detected using SSH to browse stuff from their laptop and fired.

gunnut
12 Nov 14,, 00:52
I don't know the details but at my current client company's US office we heard that someone was detected using SSH to browse stuff from their laptop and fired.

Interesting. Sounds like he was still hitting the prohibited web sites directly, only the payload was placed in a wrapper to avoid triggering the firewall.

I'm not hitting the prohibited websites. My laptop at home is. :biggrin:

Oracle
12 Nov 14,, 06:56
How would they find out?

Proventia Web filter (http://www-935.ibm.com/services/in/en/it-services/proventia-web-filter.html), one among the many tools in market these days. What bolo says is true. Have you tried using TOR (https://www.torproject.org/) from your workplace? Let us know if that works.

Double Edge
12 Nov 14,, 11:56
How would they find out?
Depends how clued up read funded your IT dept is. An alert would trip if ssh protocol is detected outbound on their firewall.


Browsing on the phone is just too slow and bad for my eyes.

:mad:
Yeah a 3.8 inch screen will do that. How people with 4 inch iphones manage i have no idea. They don't not for more than ten minutes anyway.

So make your next one a 5 incher :)

gunnut
13 Nov 14,, 02:01
Depends how clued up read funded your IT dept is. An alert would trip if ssh protocol is detected outbound on their firewall.

Is hitting a proxy server an "ssh protocol?"

What exactly do these firewalls look for? It seems to me they look for IP addresses rather than detecting content.



Yeah a 3.8 inch screen will do that. How people with 4 inch iphones manage i have no idea. They don't not for more than ten minutes anyway.

So make your next one a 5 incher :)

Unfortunately, any phone larger than 4 inches would require a special carry case or a murse.

Stitch
13 Nov 14,, 04:23
Proventia Web filter (http://www-935.ibm.com/services/in/en/it-services/proventia-web-filter.html), one among the many tools in market these days. What bolo says is true. Have you tried using TOR (https://www.torproject.org/) from your workplace? Let us know if that works.

I'm about 90% sure this is the software my (very large) company is using on our network servers and, yes, it is good; very responsive. I don't necessarily try to defeat the filter protocols, but I do do a lot of poking around at questionable sites, and it usually picks those up within a few seconds and adds the URL to it's restricted database.

Double Edge
13 Nov 14,, 10:40
Is hitting a proxy server an "ssh protocol?"
A plain proxy without ssh means everything goes across in plain text and if the firewall is logging that data then whatever you typed will show up. So if they are not used to seeing websites in their log and it suddenly shows up then they think their firewall isn't working or they just add your proxy to the list and it stops working for you one day. Simple IP filter.

If they don't allow it then it means you're not supposed to do it. Bypassing these blocks puts you in the grey zone.

Using ssh means you have a server set up at home and it establishes an encrypted channel so whatever you do cannot be seen but the presence of that protocol means something is happening. If ssh is not used often in your dept its presence would be unusual and might make your it staff wonder whether your machine is compromised.


What exactly do these firewalls look for? It seems to me they look for IP addresses rather than detecting content.
Depends on the firewall and its configuration. The better ones can inspect packets, others just log traffic, what went across by whom to where. There are flags built into reports that would indicate anything out of the usual.


Unfortunately, any phone larger than 4 inches would require a special carry case or a murse.
Dont follow, won't it fit in your jacket or pants pocket. Bigger than 5 inches can be unwieldy.

In any case a bigger screen means you can read twice as long and then it gets tiring.

So if the screen is small but unblocked then maybe the answer is to use the phone's internet with your desktop/laptop.

Would tethering be an option for you ? using the phone as a modem connecting to either a laptop/desktop via bluetooth/wfi or usb This way you're not even using the company's web but your phone internet instead. its a bit involved to set up though.

Or you could ask IT to just allow that one website and hope to get lucky :)

gunnut
13 Nov 14,, 19:54
I'm about 90% sure this is the software my (very large) company is using on our network servers and, yes, it is good; very responsive. I don't necessarily try to defeat the filter protocols, but I do do a lot of poking around at questionable sites, and it usually picks those up within a few seconds and adds the URL to it's restricted database.

I work for a medium sized company. I believe the firewall that blocked me was Barracuda.

The notification page said something like "offensive site - category: weapons"

The weird thing is I chat on calguns mostly on the "off topics" page. We talk about everything but weapons.

Other sites are not blocked...yet. I can get onto Freedommunitions to order ammo, or CDNN for gun parts, or Midwayusa for gun parts. Haven't tried AIMSurplus. I think JGSales goes through.

gunnut
13 Nov 14,, 20:08
A plain proxy without ssh means everything goes across in plain text and if the firewall is logging that data then whatever you typed will show up. So if they are not used to seeing websites in their log and it suddenly shows up then they think their firewall isn't working or they just add your proxy to the list and it stops working for you one day. Simple IP filter.

Hmmm...how about if I remote into my computer at home and use its browser? That shouldn't trigger anything. Contents are sent over as...bitmap?

How do I set up a remote session to my laptop at home? Is there a windows service that can do it or do I have to use a 3rd party software?



If they don't allow it then it means you're not supposed to do it. Bypassing these blocks puts you in the grey zone.

Yes, but that's the American way. We like to stick it to the man. That's how we started in 1776. :biggrin:



Using ssh means you have a server set up at home and it establishes an encrypted channel so whatever you do cannot be seen but the presence of that protocol means something is happening. If ssh is not used often in your dept its presence would be unusual and might make your it staff wonder whether your machine is compromised.

Definitely won't do this. Trying so hard to avoid drawing attention actually draws attention.

Try to keep your distance....but look like you're trying to keep your distance. I don't know. Fly casual!



Depends on the firewall and its configuration. The better ones can inspect packets, others just log traffic, what went across by whom to where. There are flags built into reports that would indicate anything out of the usual.

Gotcha.



Dont follow, won't it fit in your jacket or pants pocket. Bigger than 5 inches can be unwieldy.

In any case a bigger screen means you can read twice as long and then it gets tiring.

A 4" screen might fit in my pocket, but the current 3.7" screen is already uncomfortable when I wear my jeans. Maybe it's a sign I should lose some weight.



So if the screen is small but unblocked then maybe the answer is to use the phone's internet with your desktop/laptop.

Would tethering be an option for you ? using the phone as a modem connecting to either a laptop/desktop via bluetooth/wfi or usb This way you're not even using the company's web but your phone internet instead. its a bit involved to set up though.

Unfortunately my phone is locked by AT&T's tethering policy. It worked when I updated from WP8 cyan to WP8 black. Then WP8.1 rolled around and the feature was locked again. There are ways around it, but way too much trouble.



Or you could ask IT to just allow that one website and hope to get lucky :)

I have a better chance of a threesome with Jennifer Lawrence and Scarlett Johansson.

Stitch
13 Nov 14,, 22:06
I have a better chance of a threesome with Jennifer Lawrence and Scarlett Johansson.

THAT would be interesting, although I'd substitute Jennifer Coolidge for Jennifer Lawrence (I'm probably older than you are)!

Double Edge
13 Nov 14,, 23:05
Hmmm...how about if I remote into my computer at home and use its browser? That shouldn't trigger anything. Contents are sent over as...bitmap?

How do I set up a remote session to my laptop at home? Is there a windows service that can do it or do I have to use a 3rd party software?
You're thinking of Remot Desktop. This worked great even over dialup. Amazing.

if you have a pro version of windows on your laptop that will work. Dunno if the newer versions of windows have it ootb. Set up the service. Then you need to create a rdp shortcut with your home computers IP. If thats dynamic then you need a service that will resolve it for you so you can access from work. Open up the right ports on your home router and you're good.


A 4" screen might fit in my pocket, but the current 3.7" screen is already uncomfortable when I wear my jeans. Maybe it's a sign I should lose some weight.
temp in oakland right now is 61F. you must wear a jacket. But summer is the question.

What do you make of this (http://instagram.com/p/vQ_H-Xrj-r/) ?


Unfortunately my phone is locked by AT&T's tethering policy. It worked when I updated from WP8 cyan to WP8 black. Then WP8.1 rolled around and the feature was locked again. There are ways around it, but way too much trouble.
Then this (http://justfoundimportant.blogspot.in/) is for academic interest only.

remember this line


that's the American way. We like to stick it to the man. That's how we started in 1776. :biggrin:
;)


I have a better chance of a threesome with Jennifer Lawrence and Scarlett Johansson.
"offensive site - category: weapons"

means other sites are allowed. means you just might get away with it.

i never used company net for personal stuff not even email. was too paranoid about privacy.

gunnut
14 Nov 14,, 02:59
You're thinking of Remot Desktop. This worked great even over dialup. Amazing.

if you have a pro version of windows on your laptop that will work. Dunno if the newer versions of windows have it ootb. Set up the service. Then you need to create a rdp shortcut with your home computers IP. If thats dynamic then you need a service that will resolve it for you so you can access from work. Open up the right ports on your home router and you're good.

I will definitely try this tonight.



remember this line


;)


"I used to like to stick it to the man. Now, I am the man."

Brigadier General Jack O'Neill, SGC

Oracle
14 Nov 14,, 06:06
I work for a medium sized company. I believe the firewall that blocked me was Barracuda.

Barracuda's web filter is good.


Hmmm...how about if I remote into my computer at home and use its browser? That shouldn't trigger anything. Contents are sent over as...bitmap?

How do I set up a remote session to my laptop at home? Is there a windows service that can do it or do I have to use a 3rd party software?

You can do all the above you have listed, but why go through all the trouble? Just use Chrome as your browser, and add Chrome Remote Desktop app. It's cross-platform. Here are some links for you on how to go about it.

Link1 (http://pcsupport.about.com/od/remote-access/fl/chrome-remote-desktop-review.htm)
Link2 (https://chrome.google.com/webstore/detail/chrome-remote-desktop/gbchcmhmhahfdphkhkmpfmihenigjmpp/details?hl=en)
Link3 (https://support.google.com/chrome/answer/1649523?hl=en)

Follow the instructions and you be done in no time. Instead if you want to use a 3rd party app, you can try Teamviewer (http://www.teamviewer.com/hi/index.aspx), it's free and good.

gunnut
14 Nov 14,, 20:08
Barracuda's web filter is good.



You can do all the above you have listed, but why go through all the trouble? Just use Chrome as your browser, and add Chrome Remote Desktop app. It's cross-platform. Here are some links for you on how to go about it.

Link1 (http://pcsupport.about.com/od/remote-access/fl/chrome-remote-desktop-review.htm)
Link2 (https://chrome.google.com/webstore/detail/chrome-remote-desktop/gbchcmhmhahfdphkhkmpfmihenigjmpp/details?hl=en)
Link3 (https://support.google.com/chrome/answer/1649523?hl=en)

Follow the instructions and you be done in no time. Instead if you want to use a 3rd party app, you can try Teamviewer (http://www.teamviewer.com/hi/index.aspx), it's free and good.

Chrome needs me to sign in to Google. I try not to use Google as much as possible.

I have tried teamviewer. It's workable.

I turned on the remote desktop feature on my laptop and opened a port to the machine. It works!

Big FU to the censors!!!

I'm sticking it to the man. :biggrin:

Double Edge
14 Nov 14,, 22:45
I try not to use Google as much as possible.
http://ecx.images-amazon.com/images/I/51gDE5ma%2BGL._SY300_.jpg

Oracle
15 Nov 14,, 06:09
@ gunnut - If it works for you, all's fine. :) Seems to me, I'm not the only one concerned about my online privacy. Here's how you can reduce some of your digital footprints. How to Disappear Online (http://www.whoishostingthis.com/blog/2013/12/12/how-to-disappear-online/). The article doesn't say much, nonetheless it's a good starter.

Outstndngguy
18 Dec 18,, 11:01
But what about accesing this website via Tor?