Avoiding Internet Filtering
by Major Lump (MajorLump@hotmail.com)
"Yes, no, maybe so," goes the childhood phrase.
My friends and I took great delight in endlessly repeating what we thought was such a clever little rhyme. For the hacker, however, this phrase rings particularly true. System administrators often think in terms of black and white (the "yes" and "no") while the hacker sees shades of gray (the "maybe so").
The average computer user often assumes he cannot outsmart or outthink the trained professional. When stacking the teenage power user against the professional system administrator, it would seem the administrator would have the advantage. Not so. The gray scale always defeats the black and white.
I was recently surfing the Internet at my school when I decided to pay a visit to 2600.com. I typed in the URL, pressed Enter, and waited for the page. Rather than the green 2600 logo, a blue "Websense" logo stared me in the face.
It turned out that all hacking related websites are blocked, as well as other "inappropriate" material. Since I attend a rather liberal, prestigious prep school (no, I'm not a snob), I was surprised that the system administrator governed with such an iron fist. Surely a school that encourages freedom of speech would not use a content blocker and thus stoop to the level of many foreign governments (the ones we shun). I knew I needed to find a solution to the problem and regain my freedom.
Google, as many hackers know, is a great information miner. I quickly directed my browser to Google and searched under "hacking websense".
The tenth hit (SecurityForumX - A workaround to Websense) did the trick.
Nicely outlined in front of me was a hack for avoiding the watchful eye of Websense. I learned, from reading the article, that the Websense filter does not monitor HTTPS connections (which use the SSL protocol).
I am not sure exactly why but I suspect that it is either due to the encryption (SSL) or the protocol (SSL uses port 443 rather than port 80). Either way, a user can access a proxy through an HTTPS connection and thus liberate their web browsing habits.
After trying a few proxies, my favorite was www.proxyweb.net, but others include MegaProxy Proxify (megaproxy.com) and Proxify (proxify.com).
For a list of great proxies and other goodies visit www.proxyway.com/www/freeproxy-server-list.html, tools.rosinstrument.com/proxy, or just Yandex/Google for it ("free proxies + https" will do the trick).
There is another hack or workaround for extracting information that is blocked by a filter.
After outlining the proxy hack, the following concept seems a little quaint. But if the HTTPS/SSL proxy does not work, this primitive hack can be an effective last resort. If you want to get a small fact or a tidbit of information from a specific, blocked website, you can use Google's site: operator to search the website.
After retrieving the results, Google includes two lines of text under the link to each hit. Normally, these tidbits of information would be blocked since they originate from a blocked website.
However, Google's results can still paraphrase small sections (two lines) of the target site. The more specific your search terms, the more pertinent the information returned.
For example, let's say I would like to find the email address of the 2600.com webmaster.
Normally you would go to 2600.com to get this information, but seeing that I am on a filtered network, the site is blocked.
However, I can Google this search term: "site:2600.com email + webmaster" and the second hit gives me the email address: webmaster@2600.com. This hack's major stumbling block is, of course, that only small tidbits of information can be retrieved.
However, in dire situations this workaround can be a lifesaver.
Since network filtering is a major issue and affects people all over the world, there is a plethora of online resources discussing hacks and workarounds.
If you're interested in learning more I suggest that you visit www.zensur.freerk.com, peterrost.blogspot.com/2007/01/top-ten-methods-to-access-blocked.html, or www.webstuffscan.com/2006/11/23/how-to-access-blocked-websites-top-10. Of course, Google is another great resource.
Just Google "accessing blocked websites" and you should have more hits than you know what to do with. Before I end, I would like to just make one last comment. Major props go to Google for their Google Docs.
I wrote this article on their online text editor and found that it is both easy to use and great for writing "controversial" articles that can't wander into the wrong hands (namely my school's system administrator).
It's a hacker's best friend.