Security IT/Bypass

The Net interprets censorship as damage and routes around it. — John Gilmore

Level 1: without configuration

edit

Cached Pages

edit

Some search engines keep cached pages, copies of previously indexed Web pages, and these pages are not always blocked. Cached pages may be identified with a small link labeled "cached" in a list of search results. Google allows the retrieval of cached pages by entering "cache:some-blocked-url" as a search request. Other method it use google translate - worked smilar to web-proxy.

Mirror and archive sites

edit

Copies of web sites or pages may be available at mirror or archive sites such as www.archive.org and the alternate sites may not be blocked.

Web to E-mail services

edit

Web to e-mail services such as www.web2mail.com will return the contents of web pages with or without images as an e-mail message and such access may not be blocked.

RSS aggregators

edit

RSS aggregators such as Google Reader and Bloglines may be able to receive and pass on RSS feeds that are blocked when accessed directly.

URL filtering

edit

Alternative domain names may not be blocked. For example, the following domain names all refer to the same web site: http://wikimedia.org, http://www.wikimedia.org, http://web.archive.org/web/20120224022641/http://text.wikimedia.org:80/ , and http://web.archive.org/web/20120224030658/http://text.pmtpa.wikimedia.org:80/ .

Or alternative URLs may not be blocked. For example: www.blocked.com vs. www.blocked.com/, blocked.com, blocked.com/, www.blocked.com/index.htm, and www.blocked.com/index.html.

Entering an IP address rather than a domain name (http:// or a domain name rather than an IP address (http://wikimedia.org) will sometimes allow access to a blocked site.

Level 2: Configuration connect

edit

IP blocking

edit

Similar to DNS, here it's just as easy. Must use some web proxy (usually doesen't work JS), proxy (which you need to set the browser) or 7 proxies (eg. proxychain) A reverse proxy is (usually) an Internet-facing proxy used as a front-end to control and protect access to a server on a private network, commonly also performing tasks such as load-balancing, authentication, decryption or caching. Websites could use reverse proxy to reroute traffic to avoid censorship.

We'll start with web proxy - are those pages which simply enter the address the page and the service assigns you the other external IP. often you need to try to find the right server and the IP address that is not banned, but allow login (cookies) and as normal surfing. They have one but wade - not always with their level of the page to load correctly (usually about Javacsript) so require such party. CAPTHA They don't display correctly.

To skip this, you become more yourself and try skonifigurować yourself proxy browser. The list of free proxy servers find here 'Firefox'

  1. We enter the Tools> Options (or Edit> Preferences on Linux)
  2. Select the tab Advanced> Network and select 'Settings ...' '
  3. Select the option 'Manual proxy configuration' '
  4. In the 'HTTP Proxy' 'Enter IP address (or host) and port eg. 3128
  5. Click Use this proxy server for all protocols
  6. Then click OK to confirm everything and ready.
  7. When you want to stop using a proxy simply select Settings No proxy

You can also use the plugin called AnonymoX, which automatic pulls and joins the list of available proxy fastest.

For the other programs should review their documentation.

Is to very simple, just use other DNS provider eg. OpenNIC here you find configuration DNS for popular systems.

Level 3: Encrypted connect

edit

Man-in-the-middle attack

edit

electronic signature

VPN blocked

edit

if your network administrator blocks the standard port (PPTP or L2TP), just switch to another port (like 80 or 53) of the your VPN client. if blocked afther IP Try other server - eg. VPNgate share over 3000 servers for free. if blocked connect VPN by DPI, can establishing an SSH/TLS tunnel, a user can forward all their traffic over an encrypted channel, so both outgoing requests for blocked sites and the response from those sites are hidden from the censors, for whom it appears as unreadable SSH traffic. Some VPN providers offer it called stealth VPN.

Network enumeration

edit

that the system was the least vulnerable are:
1. Evently update system

sudo apt-get autoclean
sudo apt-get autoremove
sudo apt-get update
sudo apt-get dist-upgrade

2. Evently change password
3. Activate firewall
4. Use antivirus
5. check system files for presence rootkits.

Keywords

edit

Try hybrid methods from DNS, proxy or VPN.

Level 4: Manipulation packets

edit

TCP reset attack

edit

If you drop all the reset packets at both ends of the connection, which is relatively trivial to do, the Web page is transferred just fine.

Level 5: Steganography

edit

The practice of embedding useful data in what looks like something irrelevant. The simplest method it includes text of a document can be broken into its constituent bytes, which are added to the pixels of an apparently innocent picture. The effect is barely visible on the picture, but the recipient can extract it with the right software. Effective for getting information out, but slow.

methods hide information on other covers in next book

References

edit