Results 1 to 8 of 8

Thread: WebMarshal

  1. #1
    Junior Member
    Join Date
    Nov 2004
    Posts
    16

    WebMarshal

    Dear all, I have a problem with some sites. I am within a school network which has always had WebMarshal installed, but there was a Python program which most of us had which was not only able to get past WebMarshal and go onto any site, but also let us use MSN Messenger. To make it work you had to change the LAN Settings to listen on localhost (this computer) on port 4463. The server is a Microsoft Exchange Server with a SOCKS 5 proxy, and last night the admins must have changed some rules and blocked some ports or something like that because today nothing works, and I cannot even buy things from Amazon.co.uk. This is a College, and even though we already have 10 people in our year writing a new program as we speak to get past the filter, I would like to know what is going on. The filter blocks offensive sites, https sites, POST, and it also says "Blocks non-business sites". Any ideas? Thanks in advance,

    D Cheng

  2. #2
    Senior Member
    Join Date
    Mar 2004
    Posts
    510
    There are lots of ways that it could be done. I think you and the '10 people in our year writing a new program as we speak to get past the filter' are fortunate to still have your accounts. Did you sign an acceptable use policy? There's a reason that your college has these safeguards in place. Maybe they're reading your post as we speak.
    \"You got a mouth like an outboard motor..all the time putt putt putt\" - Foghorn Leghorn

  3. #3
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Any ideas?
    Buy cable and do your non-school stuff at home.....

    There, that was all pretty easy.... See, when _you_ own it, _you_ can do what you like on it......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  4. #4
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    I would like to know what is going on.
    To your benefit, they are being nice and only taking remedial action to stop your abuse. Keep it up, and they will throw your back orifice out of school!

    And as Tiger Shark so appropriately explained it:

    ...when _you_ own it, _you_ can do what you like on it......
    It is the school's network not yours. LEAVE IT ALONE!

    Good Day.
    Connection refused, try again later.

  5. #5
    Senior Member
    Join Date
    Mar 2004
    Posts
    510
    Friday isn't a good day to post something like this. A lot of us have spent all week trying to keep the networks and computers we are responsible for safe and secure from people who think they know more than us.
    \"You got a mouth like an outboard motor..all the time putt putt putt\" - Foghorn Leghorn

  6. #6
    Junior Member
    Join Date
    Nov 2004
    Posts
    16
    Oops! I know that it is wrong to do all this stuff, and I probably take the acceptable use policy more seriously than anyone else in the school, but for one moment...

    I guess it was it was just my rebellious inner self.

    Sorry about that!

  7. #7
    dcheng you need to find another internet gateway somewhere on the network. It is possible
    that the IT dept have their own little proxy that they use for themselfs so they can work
    without even worrying about the filter. Either way scan your network and look out for one.

    Alternatively the solution should be to setup a box (with a public ip) on the outside of this network. Setup an ssl proxy on port 443 on it and then an stunnel daemon on your on client. You should be able to setup the stunnel client on your own machine to work through the webmarshal box. This should work because the filter can't observe the encryped packets as it traverses it. Unless of course they do not permit ssl through it, which is highly unlikely.

    The other route is to actually 'social engineer' access out of them. Think of a legitimate reason to use it for a project and kick and scream about getting access to do your project

    Incedentally, have your friends worked out a way around this? What exactly are they programming?

  8. #8
    T3h Ch3F
    Join Date
    Sep 2001
    Posts
    718

    Well

    Interesting way to socially engineer the question. The answer has been given to you, if you own the sys. then you can set your own parameters.

    Until then, just follow the rules, they eixst for your fellow users protection.


    PPL> here see through this **** in a heartbeat.


    Get some good religion from Bad Religion.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •