i like to install kazaa but could not connect to different computers because a firewall refuse to connect... how could i hide to a firewall?
Printable View
i like to install kazaa but could not connect to different computers because a firewall refuse to connect... how could i hide to a firewall?
I don't know if I understood your question?
seems to be ur problem will be solved by using HTTP tunnel...google for it and download
nJoy
The only way to get past the firewall is to learn first what type of firewall is running and then attempt, goodluck, to bypass it's rules.
::coffee::
ccKid
HTTP Tunnel will work as long as there are no other IDS apps running and the SA is an idiot but hell, give it a try.
::coffee::
ccKid
hi ascii, I also had the same problem i wanted to chat with yahoo messenger and irc but my pc is connected to a lan . I tried downloading http tunnel (cracks up the firewall and lets you bypass) and it worked! Go to www.http-tunnel.com
I believe there are settings in the Options/preferences area in kazaa that can you can set to go through your firewall if you are having problems. Im kinda confused by the question too but this is from what i understood. Hope it helped even a little.
PeacE
-BoB
Hiya, ascii.
The answer changes very little based on the firewall you are using. If you are using a tool like ZoneAlarm you will simply have to tell it that outbound connections from 'kazaa.exe" are authorized. Other software firewalls on your system will have a similar function.
If this is a firewall outside your controll you will have to do like the others said and tunnel around it. In kazaa you can change the ports it connects through. Go to Tools in the menu, select Options > select the Traffic tab. At the bottom you will see something about using port XXXX for incoming connections (this is only if you are sharing from this system). It also allows you to define port 80 for incoming connections. The settings for a proxy are for your outbound connections (for you to download from). You can find proxy servers (Google) that you can point kazaa to and shoudl be able to tunnel out that way.
good luck
Hi,
Sorry to sound boring but:
YOU SHOULD NOT EVEN BE THINKING ABOUT THIS SORT OF THING!!!!!!!!!
And shame on any AOer who encorages you to!
If you hack out through a firewall you are compromising the network..............why do you think they paid for the firewall in the first place? Why do they employ Sysadmins?
You will almost certainly get CAUGHT and thrown out of school/fired :mad: Do you think that the firewall is the only tool your Sysadmins have.
You may think you are well cool right now, but you won't when you get roasted for what you are doing.
Please consider my advice carefully..................your futures may depend on it?
Good Luck
I agree with you Nihil, except for people living in coutries were the government supresses access to the internet as a form of opression.
Intersting so far but confusing....
nihil,
how do you know he's running from school or someplace with a sysadmin.
I have a firewall/router and I use some p2p programs that require to configure certain port forwarding in my router. I have not opened up and security breach unless the program itself is exploitable, its the same as running a webserver with forwarding on port 80.
cckid
How does an IDS affect httptunnel? This doesnt make since unless your talking about an IPS that has a rule to block kazaa traffic
I cannot fault that RoadClosed; Democracy is paramount, and many of us do take it for granted, rather than seriously......
What is troubling me, is the apparently increasing numbers of posts like this............are they that far from "how do I hack my girlfriend's hotmail account"?............from a security forum's viewpoint? OK the e-mail account is an invasion of personal privacy, but tunneling through/hacking your institution's internet security and compromising the whole site security, for purely personal and TOTALLY indefensible reasons cannot be justified? (I do not regard SELFISH access to kaazaa, or web chat as conducive to Democracy in a repressed regime................the secret police will have you in 5 minutes, if they stop off for a beer on the way :D )
What really concerns me is that younger people are obviously joining a shared environment, where resources are scarce and expensive; or have just started a job...........and think that they ought to be able to behave just like they did at home with mommy and daddy?
I am concerned about what a few moments of selfish stupidity might do to their career, or the prospect of ever getting to have one.
Thanks for your support as to what tools Sysadmins have.........I am slightly restricted in what I am allowed to say :)
Maybe I should try a social engineering approach: THESE ARE GENERAL COMMENTS!
If you are a young employee or student you are not really contributing very much to the institution. Your site has an IT/IS support Manager and a team of system administrators. They have wives, children, car loans and so on to support? You make fools out of them and they are in fear of their jobs...............and you weren't cool.............YOU CAME CRAWLING TO AO or wherever, because you are too lame to do it yourself :rolleyes: So do not try to say that "they were no good anyway"............better no good than plain bloody useless IMHO
If you take a person in that position, having put their livelihood under threat, how do you expect them to react..............not like mommy and daddy who will ground you for a week..............they will bury you forever, given the chance................corner an animal and it will BITE.
So you get fired..............going to get good job references from your former employer? Get thrown out of school..........it will be on the records for the rest of your life...............not a good start to a promising career.
I have no objection to people having fun, but self-centered, ignorant people who care about no-one but themselves, really piss me off. I hope that you get all that you deserve............Democracy is not one of those things............Democracy is a team effort.
OK soapbox mode off
If this has helped one person from ruining their careers It will have been worthwhile?
Cheers
I think nihil is assuming, (which more than likely he is correct) that this person is one of the many people who show up here asking for advice on how to circumvent current controls that are in place at various organizations. I know that "crafty" end users are always looking for ways to defeat our security. To date, all have been caught and released. I stand behind his statement.
--TH13
I was assuming as TH13 correctly spotted :)
S3cur|ty4ng31 .....................I am guessing that the person is a student, because the request was specifically about kaazaa?..................also " how do I hide from a firewall"..........OK I modified the English.
If you are sysadmin or have those rights (like you OWN the machine), you turn it off or configure it to allow what you want. This was not the question, and no specific FW app was mentioned?...............the question was almost certainly about circumvention?
Or maybe I am just a little paranoid these days?
BTW I have not flamed or negged him.................just given some sound advice I hope? ...and to others?
We have a saying over here that the eleventh commandment is "Thou shalt not get found out" :D
Cheers
You posted exactly what I would have if I saw the post first. Like I mentioned, this site gets a ton of people who post questions asking for advice or techniques for circumventing security controls. Notice that the orignal poster has not responded in a meaningful way.
To the others who have not been here long, soon your reactions will fall in line with Nihil's. All it takes is reading enough posts and soon you'll be able to see through the BS too.
--TH13
:p
I think entirely too much has been based solely off assumptions on the first post. We don't know what network (if any) he or she is working with/around. Is this their personal system with a software firewall and they just want to know how to allow kazaa through their own firewall on their own system.
It sounds to me that there are some very knowledgeable and seasoned sysadms reading this thread. Truth is, you didnt get this far by leaping to conclusions - why start now?
talk to the sysadmin then ask for permission.
if he did not accept your request and you really, really need to load some p2p app, then ask the boss.
if they wont permit you, think why they wont let you.
I think I have to agree with r04dki11 here that too much is being assumed. He could be completely computer illiterate(grammatical illiteracy has already been proven from post :D ) and is just trying to set up a p2p program I do not use kazaa but I find edonkey to be a great source of ebooks and white papers and I have to configure my router or I get a "lowid/firewal problem".
Also I dont see what is so wrong in tying to learn how to circumvent security measures here. Granted that some people may be coming here to exploit certain targets and maybe you should you judgement but when I did research on my masters I posted in forums all the time to learn how certain exploits worked and I would practice them in my own testbed. I still research security flaws and implement them in a test enviroment,amongst a group of colleagues, and at hacktest websites.
If this person is trying to do what is being implied then he will be caught if there are any security measures in palce and he will get what he deserves.
sorry guys... i just like to have a freedom to surf the internet without filtering some sites...
nihil tnx...
From a rather brite new member here at AO posted here
There is a reason why the sysadmin(s) disabled kazaa and other applications.Quote:
They aren't your computers, it isn't your network; computer usage is a privilege not a right.
I know this is a little off topic but since its been mentioned, I would like to know how does one block or detect anyone that is using http tunneling.
Say i have configured my network with a firewall but port 80 is open to allow http access for users in the network. and someone is using http tunneling to run say Kazaa. How do i stop this or find out who is doing it to stop them. Although most people wouldnt be doing this, there might be some out there who do and this will compormise the network and also raise legal issues if the RIAA goes after them and since they are using the companys network, this might result in the company being sued.
Hey all,
Well on this topic I was woundering if there is existing material on how to block Kazaa or if anyone has some tips...I have a win2k environment and I am sick and tired of fighting the battle and ending up the nice guy. Up until now I tried to deal with things on a case by case level, but it keeps getting worse. We can sit here and debate what is stealing and all that but I feel that the workplace isnt the place to have to deal with that. So sorry for the ramble...just tired of reading the sameold stuff...but if anyone has some good info I would love any help I can get. I will put basic technical info below.
Ruffasdagut :)
win2k server runs all the services. A linksys Router just connects to the DSL.
Hi,
I hope that I am not being misunderstood here. I have no objections to enthusiasm or the desire to learn; but I would suggest that there is a time and a place for everything. If I join an organisation, I do not think that it would be wise to learn about systems security by trying to hack into that organisation's systems? or break through its firewall, unless I am security officer/auditor. If I do this sort of thing, I will be detected and dismissed...............my concern is for new and enthusiastic people who will be misunderstood, without someone like myself to speak for them at their "court martial" I do not like to see genuine and basically innocent people get hurt, because they do not understand the rules.
ascii is a perfectly OK person in my opinion.......he said thank you..........AND EVEN SENT ME POSITIVE ANTIPOINTS!!!......... so I guess that my assumptions were close to the target? I believe that a part of AO is to advise those with enthusiasm, and keep them out of trouble. These young people will be the Sysadmins of the future; if they don't ruin their chance by a moments foolishness?
Yes I do care about people, because people have cared about me in the past! I shall " do unto others, as they have done unto me" and whilst I am on the Bible......
"There is more joy in heaven over one sinner who repents, than over 99 just men who follow the way of the law"
If we can turn out one person with a "white hat" rather than a "black hat" then I think that we have done well?
OK.............preacher mode off
I liked the comment about testing in a controlled environment using a laboratory machine. Over here you can get old P2 and P3 machines very cheaply, and should have one. Yes, the "hacktest" website is a brilliant way to learn........very good advice there! The point that I was trying to make is do not do this at your workplace, as you will most likely be misunderstood.
It was a very good post that mentioned the RIAA, and the institutional legal liability aspect. Particularly as we were talking abut KAZAA. Over here you are responsible for your "officers and agents".....that includes employees.............I suspect that a lot of these controls (in Europe at least) might be to satisfy the requirements for the corporate liability insurance policy?
As for "assumptions" well it may be a fine line, but there is a difference between an assumption, and an"educated guess" ????????????? :) Hey, isn't most fault finding based on educated guesses?
I was happy to see that people did not go after ascii and give him negative points :) That was the right way to go IMHO I think he did well by raising what has turned out to be an interesting thread?
Cheers
Boring nihil.......................gotta change my monniker?
Seasoned admins have the ability to anticipate accurately with minimal knowledge. This develops with experience. It is apparent to me and other admins that this post is most likely an attempt to get around a firewall that is not controlled by this user. I can't speak for others but I will continue to make educated assumptions because 90% of the time I can stop a problem before it starts.Quote:
It sounds to me that there are some very knowledgeable and seasoned sysadms reading this thread. Truth is, you didnt get this far by leaping to conclusions - why start now?
:)
just to validate what TH13 is saying, here a later post from ascii:
+=+=+=+=+=+=+=+=+
when i browse on the internet about hacking, sex, gamble, proxy avoidance and etc., websense corporation filtered some sites. therefore i could not browse to this sites, how could i use http-tunneling? i dont have any ideas about our firewall...
+=+=+=+=+=+=+=+=+
which can be found here:
http://www.antionline.com/showthread...364#post660908
i totally understand where ascii is coming from. when i was in school the first thing i wanted to do was override restrictions. Its good that he sees the admins point of view...maybe he will actually think about what hes doing. As an admin now i know these things are done and not necessarly with evil intentions. i know what to look for and i keep watching here and other sites for new ways that its being done. which is what we all should be doing. So helpfull answers to these questions are appreciated
hes been told how to get around the fw (depending on the fw) and warned of the consequences of doing so. His future is in his hands and new admins reading this will now know what to look for in their own networks. that is the point of this site...no?
i guess what im trying to say is there isn't (IMHO) a conflict of interests in giving helpful answers to anti-security questions as long as the consequences of misuse are made known.