Strict offsite filtering blocking tor/xerobank

Discussion in 'privacy technology' started by jermsie, Aug 13, 2007.

Thread Status:
Not open for further replies.
  1. jermsie

    jermsie Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    9
    I've made this post in another thread but I thought it deserved its own thread as this involves offsite filtering.

    Over the past couple of months I have been testing 'torpark' on my pendrive just to see if it could actually get through the school firewall. I was successful once with torpark. This was some time ago and since then I've battled to try and establish a circuit, adding the necessary proxy ip for the school network and port 8080. I've had no such luck and I get a time out with the free version every time. I've tried the new xB Browser Demo, but I suspect school has detected xB and blocked it completely. I get a "proxy is refusing connections" when the browser opens. How can they do this? What ports does xB use to make a connection?

    The school's internet is pretty good. It's running on 10mbit fibre. All filtering is done offsite to a company called Watchdog http://www.watchdog.net.nz/ .
    Quoting the website:
    "Our filtering technology is very sophisticated
    For example:

    * We do not block Google Images — we filter them so that you can still access 1000’s of wonderful images.
    * We filter https (secure) sites - we have been doing this for years and many sites that we block are of this type.
    * We block anonymous proxies - We also block proxies via pattern recognition. This feature is continually being improved as new proxy signatures are added. This is the best form of defence against these 'cgi' proxies embedded in web sites. We filter both http: and https: sites so proxies on https: are no problem."

    Can they intercept secure https? If so, this concerns me as I regularly check emails during spare time, most of which are personal and related to my web development business. o_O

    Network firewall is squid/2.5.STABLE14
    Proxy: 172.16.0.1 port: 8080

    The filter is set to block any site that contains words like "proxy", "tor", "hacking", etc. I can understand that there needs to be good protection in a school, but when I want to research google or any security site it bothers me that these are blocked when they contain particular keywords. Last night I set up PHProxy on my server, removing all words attributed to the proxy itself, but they were fast to, I assume, manually look through web logs and block it off.

    No doubt wilderssecurity will be blocked in the next few days. Browse logs are checked manually from time to time.
     
  2. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    I'm afraid I can't assist you in circumventing government networks. Naturally I don't think you would ask such a question, so I assume the problem is occurring behind a private school network that has an over-zealous security firewall that was poorly configured to be too strict, and that the school wants you to have access to the services but they are being blocked because of the bad firewall configuration. Teachers are often the victims of censorship and poor policy.

    Did you download the xB Browser with XeroBank Plus demo from your account Profile area after you logged in? Otherwise it will try regular Tor connections.

    Within a few months, your school will no longer be able to block Tor specifically. There is some new anti-blocking technology coming out. We can implement a lot of the same with XeroBank as well, but typically this isn't a problem.

    The concern is *what* exactly are they blocking? For example, if you have a XeroBank account, you can only connect with ssl encrypted traffic, but you can connect to our servers on virtually any port.

    Do you require special credentials to get through the firewall?

    Incidentally, it appears "watchdog" is having some trouble of their own with their servers, at the moment.
     
    Last edited: Aug 17, 2007
  3. jermsie

    jermsie Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    9
    Yeah, I downloaded a copy in the profile area and installed on my pendrive.
    I had to do this from home because the filters block xerobank.com.
    Countless proxies that even some teachers use have been discovered and blocked. I was surprised that within hours my own web proxy had been blocked too.

    When starting xB Browser with the Plus demo, it would start, but simply load with "proxy refusing connections." I'd put in the necessary network proxy address and port 8080. No username or password required.

    How can they filter https if the information within the site is encrypted?

    Search queries in google like "tor" and "proxy" or keywords closely associated with anonymity are more or less blocked when searched.

    I have little to hide, but just being able to browse and communicate safely and in privacy is quite important. Having been exposed to information on web browsing vulnerability and anonymity has made me much more aware.

    Cheers for the reply
     
  4. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Okay, if you are already behind a firewall xB Browser won't work. Because it uses a PuTTY connection, it doesn't yet respect firewalls without generating a PuTTY profile on the fly, which should be done soon.

    Can you open up a cmd prompt? Try pinging plus.xerobank.com
     
  5. jermsie

    jermsie Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    9
    Try that in an hour
     
  6. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
  7. jermsie

    jermsie Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    9
  8. jermsie

    jermsie Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    9
    Yeah it pings fine in command prompt, so do any blocked sites.

    The downloading of exe's has now been blocked by squid as well.
     
  9. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    It sounds like no matter what you do, it will eventually be blocked as well.

    Have you tried surfing using the Google Cache, Coral, or Wayback Machine?
     
  10. jermsie

    jermsie Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    9
    Hmm it would seem that way. Archive.org's search was blocked, same goes for google cache (any website).
    Was worth a try, it's very irritating though.
     
  11. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Here is something you can do: go create an OpenVPN server at home or wherever, then use xB VPN on USB keychain and try to create a TLS connection. If successful, it will bypass all of the filtering.

    This assumes you have rights to install a network driver, which may be over-reaching.

    In the alternative, you could try creating an SSH connection if OpenVPN isn't capable of running on the machine. You sound like you need your own secret proxy that won't register on their network scanner, and you will probably need to make it silent or masked so when their scanner comes along, it doesn't set off any alarms.
     