[Ilugc] Breaking blocked access in my office
- From: girishvenkatachalam@xxxxxxxxx (Girish Venkatachalam)
- Date: Wed Jun 9 16:27:45 2010
On Wed, Jun 9, 2010 at 2:05 PM, Pothuraju, Naga Deepak
<naga-deepak.pothuraju@xxxxxxxxxxxxx> wrote:
Hi Team
I am trying to overcome the blocked access in my office somehow as I think
the security restrictions have gone too far to carry on my daily activities.
Here is the scenario. I cannot access any email sites, IM sites,
entertainment sites from my office. The setup as far as I understood is that
all traffic from the local systems are being tunneled through a proxy server.
I tried using various methods to access websites & IM sites like anonymous
proxy servers & few other ways. But what I found was that no matter what, I
don't seem to be able to access any of the mail/IM sites. Just then I tried
Firefox add-on sameplace [xmpp] which was little complicated to set up as it
had few dependencies & the only thing that works for me now in gtalk. All the
other Firefox addons like gtalksidebar, meebo, etc failed. Certainly, they
aren?t blocking talk.google.com since any addon trying to connect to gtalk
connects to talk.google.com. Few doubts on my mind now are:
* Is there a way to direct http traffic over xmpp?
* How do I know if they are blocking it via ports?
* I would like you guys to guess the rule or setup they have to monitor or
block traffic.
For all those guys having the same problem, I am currently able to use
gmail/rediffmail/yahoomail via http://www.noblewebs.com/postbox/ & as ;
mentioned above, gtalk via sameplace firefox addon.
This thread interested me just out of curiosity to know if someone had
mailed a technical answer to the question asked.
I have broken e-mail accounts, reverse engineered the DES cryptosystem
and generally played a lot with crypto.
I am also very good at physically breaking locks and entering a house
without a key. ;)
Anyway it calls for ingenuity and resourcefulness and of course purity
of intent.
If you are sure that you are doing something conscientious and
meaningful then just go ahead. ;)
So what if they fire you? Find another job. I got fired from every job
for no fault of mine. Anyway lest us focus now. (Most likely they
won't even know any of this)
* Is there a way to direct http traffic over xmpp?
With http-bind they way web IM works? You can tunnel XMPP over HTTP;
so ergo you should be able to do the reverse.
But I would not suggest that. See below.
* How do I know if they are blocking it via ports?
Blocking what via ports? Run a security scanner like netcat or nmap or
nessus or nikto or hping.
Did you attend my talk at IIT in Sep 2007? ( I hope I got the year right).
* I would like you guys to guess the rule or setup they have to monitor or
block traffic.
Rule? What rule? Why should you care about it? You can get around
every such rule if you are clever and know the big picture. And of
course you should have access to the right tool and have lot of
perseverance.
Having blabbered so much I will also speak about the big picture of
access control and how things actually work and how to break them.
Look at tor anonymizers or port forwarding using SSH. In general you
need a third party machine somewhere for you to help get on to the
Internet without restrictions.
Use crypto to avoid getting detected. No tool can look inside
cryptographically protected packets; so tunnel traffic using ssh and
your sysadmin will be none the wiser.
Run your ssh server on the public IP at port 80. And use it to forward
all your traffic.
Once you setup remote port forwarding you can do anything you want!
There is a tor plugin for firefox.
To figure out which ports are blocked this command line should suffice.
# nmap -sT -p 1000-5000 192.168.107.6
This will scan TCP ports between 1000 to 5000 on the IP given.
To find out which machines on your network are up run this:
# nmap -P0 192.168.107.0/24
nmap is not the only tool out there. You could also use hping or SING to
good effect.
Have fun.
-Girish
Other related posts:
