Tunnels and Proxies

[byuu]

This is kind of technical, but I was wondering if anyone here knew any ways to setup a secure proxy that is undetectable by network admins.

Essentially, Telnet/SSH/rlogin fail because they maintain continuous connections that never close, and any kind of packet analyzer can flag them, even if you stick them on port 80.

What I want is something like an SSL proxy where I can request any webpage (http or https), and send that request through a firewall encoded inside of an SSL packet to a server somewhere, to access blocked webpages.

For what it's worth, HTTP proxies already fail, as this filter appears to be inspecting outgoing packets. Quite impressive.

I see an option in Firefox for using an SSL proxy, but all the info I can find on this seems to indicate that this only works for https websites, and I can't find any software to create such a proxy server anyway.

I also need to mask DNS requests if possible. SOCKSv5 can do this, but I believe SOCKS packets could be detectable to a savvy network admin.

So, ideally, I would need something like a client that accepts SOCKSv5 requests from Firefox, encodes them into SSL, and sends that request through the firewall as though it were an ordinary https fetch, and then a server that could get this, decrypt the SSL, and then forward that SOCKS request onto a server of somesort to retrieve such data.

Any ideas for this or another solution? Really just need something as undetectable as possible. CGI proxies are quite terrible, and break too many webpages.

[AntoineWG]

Have you tried some kind of VPN tunnel?

[byuu]

Same problem. VPN connection remains open continuously. I need something that acts just like http or https communications, so that it will look as if I'm just accessing one specific webpage "a lot" to a network admin.

A constant VPN connection will stand out like a sore thumb.

That means, I can use http or https proxies. Since the firewall can detect requested URIs from inside HTTP CONNECT packets, I can't use an http proxy. Leaving me with only one option :/

[Deathlike2]

Sounds like they finally caught up to you at work...?

[AntoineWG]

Sounds like the same network nazis that run our network run yours. Few people, mostly the IT department and buying offices have internet access and they log everything. I mean everything. They threaten to revoke it for straying to the wrong areas of Newegg's website.

[byuu]

Sounds like they finally caught up to you at work...?

Nope, I'm just paranoid.

Sounds like the same network nazis that run our network run yours.

Pretty much. They block anything with 'game' in it, including development forums I frequent that have nothing to do with playing games. And yet, co-workers are free to go to eBay, newegg, ESPN, myspace, whatever. If it were a whitelist allowing only company websites, I wouldn't mind. But I don't at all care for selective censorship. Reminds me too much of China.

[funkyass]

look into tor.

actually, thats exactly what you are looking for.

beyond that, you need to bypass the network entirely.

[byuu]

Tor is no good :(

http://politics.slashdot.org/article.pl ... 08/2112258

Tor ends up giving you eighty connections in netstat to other PCs passing data through yours, and that data can easily be illegal stuff :(
Besides, their network IT caught this professor using it, so it definitely has its' weak points somewhere ...

I need to find a place online that shows you what packets look like for various protocols. SOCKS seems like the nicest solution, because so many apps support it other than just Firefox.

---

EDIT: meh, screw it. I'll just write my own proxy server. Seems easy enough, make a client that captures HTTP proxy requests, encodes the GET URI and `Host:' fields, and then sends them over the network to the proxy server. Have the proxy server decode those requests, and then fetch them from the internet.

I'll post it on my website when I'm finished since I'm apparently the first person to ever think of this idea :/

[Ichinisan]

Tor is no good

http://politics.slashdot.org/article.pl ... 08/2112258

Tor ends up giving you eighty connections in netstat to other PCs passing data through yours, and that data can easily be illegal stuff
Besides, their network IT caught this professor using it, so it definitely has its' weak points somewhere ...

I need to find a place online that shows you what packets look like for various protocols. SOCKS seems like the nicest solution, because so many apps support it other than just Firefox.

---

EDIT: meh, screw it. I'll just write my own proxy server. Seems easy enough, make a client that captures HTTP proxy requests, encodes the GET URI and `Host:' fields, and then sends them over the network to the proxy server. Have the proxy server decode those requests, and then fetch them from the internet.

I'll post it on my website when I'm finished since I'm apparently the first person to ever think of this idea :/

THANK YOU!

[CZroe]

I've been trying to set up PingTunnel to tunnel through ICMP packets. It's slow, and probably not too secure, but IIRC they say that it can't be blocked on any network allowing ICMP packets though. Without it, I can get online and ping, FTP, even Remote Desktop, but any HTTP request triggers a password prompt. I have a lot of freedom at work, but I can't even watch a DVD without the password prompt knocking me out of full-screen every time it switches chapters (Media PLayer's attempts to gather disc information). I'm a contractor, so I have no password.