December 1st, 2004, 06:47 AM
An article at http://news.bbc.co.uk/1/hi/technology/3548035.stm, talks about chinese users bypassing firewalls.
How do they do it? Any one can throw some light on to it?
Is that methodology can be used in local network?
December 1st, 2004, 06:58 AM
Its simple. Say the gov. bans all addresses ending in .com so what they do is they connect to a computer (say it ends with .edu) and then request info through that comp. That comp is out side of the controlled area so it can access the .com stuff when it relays the info back to the requesters the filters see it as .edu instead of the original .com becasue now it has a new sender. This is called using a proxie. "hackers" have used this for a long time to hide their IP addresses becasue the attacks look like they are comming from the proxie rather then comming from the actual attacker. Yes there are MANY free proxies available so it can be implimented on a lan. One was I have found to get around many school filters is to have somoene send you a link using www.tinyurl.com it converts the link into one from tiny url's domain which is not block (yet) so it tricks the filter into thinking it is a different page.
December 1st, 2004, 07:00 AM
oh and if anyone is trying to use that link take the comma off the end and it will work.
December 1st, 2004, 07:06 AM
I have a watchguard frewall installed.
It prevents us from accessing many security sites. I tried with the same method you told with tiny, the firewall still blocks the connection.
December 1st, 2004, 07:07 AM
Firewalls basically block ports,they block incoming request as well as outgoing requests(denying unknown application to access internet),they block in coming request from a perticular IP address,or from a range of IP addresses oe from a range of IP addresses other then specified.
Suppose you find a buffer overflow in a web site and u have a exploit available for that vulnerability on internet which sends a revevse shell to IP address u specify you know that it is a working exploit but when you try to hack a web site it doesn't work out.Why?
Because firewalls can be(and normally are)configured to block outgoing requests.so what happens when u use that exploit?
Buffer overflow is exploited a shell is created and program tries to send it to a perticular port on a perticular IP address.
But due to firewall it can't.
Now about how to bypass firewall there are two well known mathods
Take a simple and short explaination of code injection.There are two codes one that is used to inject the other code in any process's(that is allowed to access internet by default) memory space and the Other code that just does something like sending files or anything you want.
So what happens?
1) You are totally working in memory
2) Once you inject your code in memory space of other process that code is also allowed to access internet as firewalls don't provide any protection at process level.
December 1st, 2004, 11:44 AM
maybe they know the secert of tinyurl, lol. It also dependson how the filters work. If it is blocking the URLS like my highschools did then this works. If it filtering by the "keywords" for the page then its much harder to do. The way we used to get around that was to build a personnel webpage and have a framein it for the page we wanted to see, that way we could go to our site without problems which coincedently had a frame that took up nearly the whole sceen with a blocked page.
December 9th, 2004, 06:24 AM
can Anyone [gloworange]Put some light on how a firewall works[/gloworange] .Some time ago i installed Norton Internet Security and it had a default firewall thus blocking all network access but since the network is my part of computers only, there must be some way by which i can access my network files and bolck access to pcs outside the network connected to me by internet.Another thing is there how to bypass the firewall.I am not asking about any tools that do this.I am asking about the method how you do it.
Also kindly tell me what good firewalls are there and their disadvantages and advantages.A link will be sufficient.
December 9th, 2004, 06:35 AM
Just ****ing google it.
Norton Internet Security sucks.
ZoneAlarm is good
IpCop is even better if you have a spare computer lying around.
Government is like fire - a handy servant, but a dangerous master - George Washington
Government is not reason, it is not eloquence - it is force. - George Washington.
Join the UnError