College Network Woes...
<div class="IPBDescription">Defeating the mighty proxy.</div> Being a long time member of the NS community I have seen the very intelligent crowd that NS attracts so I thought it would be as good a place as any to start my war on my college proxy server. The entire time I've been here I've been using all the tricks I learned in high school to get around the blocked sites (Not just porn, they block EVERYTHING from game sites to FTP ports to Telnet ports to IRC to freaking everything.) and slowly one by one they have caught on and killed every trick I have thrown their way. So it's time to get serious.
The Service they use is called <a href='http://www.websense.com/' target='_blank'>Websense</a>. From what i can gather it's primary use is for large corporate networks who want to restrict employees net traffic. It all runs through a proxy server at internal IP 128.95.219.192 port 3128. Which if you plug into your browser you'll see is an interesting distributed networking platform of some sort. Now a quick read of the page also reveals this is an open source project hosted on sourceforge.net which means there should be plenty of documentation on it, but as of yet I have only found very generic broad base descriptions like "facilitates planetary scale projects" rriigghhtt....
Any way A deeper look at the websense site reveals all the admin and install info files which could yield some interesting discoveries but as of yet has not.
Also and here is the part that **** me off and sent me on this crusade... When a page is blocked it comes up with a screen saying why its blocked and such, there is also a link to "Learn about your access rights and privileges" and when you click it the link is broken...
When i begin to mess with the proxy server I get messages like:
"You are trying to use a node of the CoDeeN CDN Network. Your IP address is not recognized as a valid PlanetLab address, so your request rate is being limited."
I will be working hard on this if any one has any experience with this or anything like it I’d love some help!
The Service they use is called <a href='http://www.websense.com/' target='_blank'>Websense</a>. From what i can gather it's primary use is for large corporate networks who want to restrict employees net traffic. It all runs through a proxy server at internal IP 128.95.219.192 port 3128. Which if you plug into your browser you'll see is an interesting distributed networking platform of some sort. Now a quick read of the page also reveals this is an open source project hosted on sourceforge.net which means there should be plenty of documentation on it, but as of yet I have only found very generic broad base descriptions like "facilitates planetary scale projects" rriigghhtt....
Any way A deeper look at the websense site reveals all the admin and install info files which could yield some interesting discoveries but as of yet has not.
Also and here is the part that **** me off and sent me on this crusade... When a page is blocked it comes up with a screen saying why its blocked and such, there is also a link to "Learn about your access rights and privileges" and when you click it the link is broken...
When i begin to mess with the proxy server I get messages like:
"You are trying to use a node of the CoDeeN CDN Network. Your IP address is not recognized as a valid PlanetLab address, so your request rate is being limited."
I will be working hard on this if any one has any experience with this or anything like it I’d love some help!
Comments
edit: WHOA desproxy works! kazaa over http bypasses our network's bandwidth throttling.
Finding the admin port on the Proxy isn't going to help you, as it only allows authorized IP Addresses to administer the machine.
However, if you can get ahold of the localpolicy file that it reads to restrict access, you can go to work.
<!--c1--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->
<proxy>
url_domain=//natural-selection.org content_filter_override(yes)
<!--c2--></td></tr></table><span class='postcolor'><!--ec2-->
Is the only line you'll need. You'll have to wait until the appliance is reset, or the policy is reinstalled for this to take, but any self-respecting corporation reboots their systems nightly.
If BlueCoat isn't the type of proxy your company uses, just change the syntax as necessary.
Also, another little trick if it's a bluecoat... the <proxy> layer reads the access/deny list until it finds a match, and then exits... so if you add...
<!--c1--></span><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->
<proxy>
ALLOW condition=PORTS exit
define condtion PORTS
url_port 80
url_port 443
url_port 6667
end condition PORTS
<!--c2--></td></tr></table><span class='postcolor'><!--ec2-->
It will see you're trying to go through the port, and then exit that layer. You'll still need to bypass the websense filter, but the content_filter_override command can be used to do so.
Grab a subterranian hover craft, a chick or 5 in tight leather, and a computer nut and a balding black dude with snap on sun glasses, teleport inot the school with an ungodly amount of weapons and use your kung fu to hax0r it.
Relly though, Id just do a simple request to unblock gaming sites to the admin.