Jump to content

Security IT/Bypass

From Wikibooks, open books for an open world

The Net interprets censorship as damage and routes around it. — John Gilmore

Level 1: without configuration

[edit | edit source]

Cached Pages

[edit | edit source]

Some search engines keep cached pages, copies of previously indexed Web pages, and these pages are not always blocked. Cached pages may be identified with a small link labeled "cached" in a list of search results. Google allows the retrieval of cached pages by entering "cache:some-blocked-url" as a search request. Other method it use google translate - worked smilar to web-proxy.

Mirror and archive sites

[edit | edit source]

Copies of web sites or pages may be available at mirror or archive sites such as www.archive.org and the alternate sites may not be blocked.

Web to E-mail services

[edit | edit source]

Web to e-mail services such as www.web2mail.com will return the contents of web pages with or without images as an e-mail message and such access may not be blocked.

RSS aggregators

[edit | edit source]

RSS aggregators such as Google Reader and Bloglines may be able to receive and pass on RSS feeds that are blocked when accessed directly.

URL filtering

[edit | edit source]

Alternative domain names may not be blocked. For example, the following domain names all refer to the same web site: http://wikimedia.org, http://www.wikimedia.org, http://web.archive.org/web/20120224022641/http://text.wikimedia.org:80/ , and http://web.archive.org/web/20120224030658/http://text.pmtpa.wikimedia.org:80/ .

Or alternative URLs may not be blocked. For example: www.blocked.com vs. www.blocked.com/, blocked.com, blocked.com/, www.blocked.com/index.htm, and www.blocked.com/index.html.

Entering an IP address rather than a domain name (http:// or a domain name rather than an IP address (http://wikimedia.org) will sometimes allow access to a blocked site.

Level 2: Configuration connect

[edit | edit source]

IP blocking

[edit | edit source]

Similar to DNS, here it's just as easy. Must use some web proxy (usually doesen't work JS), proxy (which you need to set the browser) or 7 proxies (eg. proxychain) A reverse proxy is (usually) an Internet-facing proxy used as a front-end to control and protect access to a server on a private network, commonly also performing tasks such as load-balancing, authentication, decryption or caching. Websites could use reverse proxy to reroute traffic to avoid censorship.

We'll start with web proxy - are those pages which simply enter the address the page and the service assigns you the other external IP. often you need to try to find the right server and the IP address that is not banned, but allow login (cookies) and as normal surfing. They have one but wade - not always with their level of the page to load correctly (usually about Javacsript) so require such party. CAPTHA They don't display correctly.

To skip this, you become more yourself and try skonifigurować yourself proxy browser. The list of free proxy servers find here 'Firefox'

  1. We enter the Tools> Options (or Edit> Preferences on Linux)
  2. Select the tab Advanced> Network and select 'Settings ...' '
  3. Select the option 'Manual proxy configuration' '
  4. In the 'HTTP Proxy' 'Enter IP address (or host) and port eg. 3128
  5. Click Use this proxy server for all protocols
  6. Then click OK to confirm everything and ready.
  7. When you want to stop using a proxy simply select Settings No proxy

You can also use the plugin called AnonymoX, which automatic pulls and joins the list of available proxy fastest.

For the other programs should review their documentation.

Is to very simple, just use other DNS provider eg. OpenNIC here you find configuration DNS for popular systems.

Level 3: Encrypted connect

[edit | edit source]

Man-in-the-middle attack

[edit | edit source]

electronic signature

VPN blocked

[edit | edit source]

if your network administrator blocks the standard port (PPTP or L2TP), just switch to another port (like 80 or 53) of the your VPN client. if blocked afther IP Try other server - eg. VPNgate share over 3000 servers for free. if blocked connect VPN by DPI, can establishing an SSH/TLS tunnel, a user can forward all their traffic over an encrypted channel, so both outgoing requests for blocked sites and the response from those sites are hidden from the censors, for whom it appears as unreadable SSH traffic. Some VPN providers offer it called stealth VPN.

Network enumeration

[edit | edit source]

that the system was the least vulnerable are:
1. Evently update system

sudo apt-get autoclean
sudo apt-get autoremove
sudo apt-get update
sudo apt-get dist-upgrade

2. Evently change password
3. Activate firewall
4. Use antivirus
5. check system files for presence rootkits.

Keywords

[edit | edit source]

Try hybrid methods from DNS, proxy or VPN.

Level 4: Manipulation packets

[edit | edit source]

TCP reset attack

[edit | edit source]

If you drop all the reset packets at both ends of the connection, which is relatively trivial to do, the Web page is transferred just fine.

Level 5: Steganography

[edit | edit source]

The practice of embedding useful data in what looks like something irrelevant. The simplest method it includes text of a document can be broken into its constituent bytes, which are added to the pixels of an apparently innocent picture. The effect is barely visible on the picture, but the recipient can extract it with the right software. Effective for getting information out, but slow.

methods hide information on other covers in next book

References

[edit | edit source]