
Setting up an SSH Tunnel?



Omega
09-24-2008, 06:55 PM
So, like most school districts, ours has Smartfilter DA (Bess Edition), which blocks a lot of stuff we shouldn't be doing at school. That's fine. But it also blocks images.google.com and other image search sites, as well as some legitimate sites and occasionally for stupid reasons. As such, it's become almost an art to circumvent the filters at our school.

Proxy servers are dandy and all but public ones are often overloaded and slow. Tor is always slow, and I can't find a legitimate public SSH tunnel, but then again, why would you want a public one.

Anywho, I got to thinking, "well, my house has a pretty big pipe, I could always run my own SSH server to tunnel out to my house's (unrestricted) connection".

So I want to do this. In Windows.

How would I go about setting up, configuring, and connecting to my home SSH tunnel? I have full access to port forwarding on the router and my firewall, and so forth. If anybody could write me up a tutorial or find a good one, that would be greatly appreciated.

Oh, and both machines are on Windows XP, so no Linux SSH server guides. Soz.

Cymae
09-24-2008, 07:32 PM
You wouldn't really need to do anything except enable a VPN connection on your home server (you need a static IP or a virtual static IP, google how to do that). Then from school, you can just do a VPN to your home PC and it will route your traffic through your home server.

OvRiDe
09-24-2008, 08:37 PM
Ok.. I am going to start off by saying, I do NOT condone this. There can be very specific reasons that sites are blocked whether they make sense or not. It could be a matter of bandwidth, liability, and/or security. So that said...

There are some things that you will need to know ahead of time. First thing: are outgoing ports blocked at the firewall? If you cannot make an outgoing connection on port 22 (or any other port) then you will not be able to tunnel the traffic. Also you will need to be able to load an SSH client. PuTTY will do tunneling and it will run off of a flash drive, IF you have adequate rights on the workstation. VPN is a good solution, but if the machines are limited to where you cannot access the VPN client, AND the VPN port is blocked, then again you will not be able to make a connection.

The other option is to build your own proxy, but this is all contingent on what and if they are blocking at the firewall.

It will take me a little time to put some stuff together, but I will get back to you...

Eclecticos
09-24-2008, 08:41 PM
Bump.

Luke122
09-24-2008, 08:41 PM
You wouldn't really need to do anything except enable a VPN connection on your home server (you need a static IP or a virtual static IP, google how to do that). Then from school, you can just do a VPN to your home PC and it will route your traffic through your home server.

...as long as they allow VPN traffic out from the school.

What about remote desktop to your home PC? Then you could just surf on your own box, from school.

Cymae
09-24-2008, 09:01 PM
...as long as they allow VPN traffic out from the school.

What about remote desktop to your home PC? Then you could just surf on your own box, from school.

If you can't VPN chances are you can't remote desktop.

If I were you Omega, I would give up. They do this in Australian schools too, and for the most part, it's fair. Don't abuse the system, and if you need a particular site for your schoolwork, tell your teacher to talk to tech services. If they say no, there's probably a good reason.

Just because YOU do the right thing, doesn't mean others do. Bear in mind these precautions may be set up for others, and you could be setting a bad example by trying to bypass them.

Luke122
09-24-2008, 09:04 PM
If you can't VPN chances are you can't remote desktop.


Truth.



Just because YOU do the right thing, doesn't mean others do. Bear in mind these precautions may be set up for others, and you could be setting a bad example by trying to bypass them.

Also truth.

Omega
09-24-2008, 09:35 PM
I'm not even going to bother trying to explain what the situation between our school and the district is. It's so horribly messed up right now.

-I don't want to remote desktop and surf from my computer. I know it's pretty much the same thing but I don't want to tunnel anything other than the internet connection for security reasons. last thing I want is my connection going astray and oh god, my computer and everything on it is done for.

-I already know that they're only filtering port 80 and other http ports. Ran a portscan and the only ones that went through bess.scoe.org were http ports. that and we've used proxies/vpn/ssh/telnet/etc before. In fact, I have a proxy now. It's just proxies are sloooooow and often public, whereas my own SSH server wouldn't be public. There would be like three accounts for it tops.


I remember what we used to do was log in to a server via PuTTY, then set Firefox's proxy settings to use 127.0.0.1:80 as a proxy server and it went through the server that PuTTY was talking to and it was awesomely fast. The guy that ran that server's taken it down though (a guy by the name of Robin Davis, he went off to college and doesn't run his server anymore). If anybody knows how to do that, it would be awesome. I'm guessing I'll need some sort of SSH server program for Windows for the desktop and obviously PuTTY for the laptop.

Cymae
09-24-2008, 09:39 PM
I don't know mate. I still don't know if it's a great idea to be honest. But I'm the disapproving motherly sort :P

nevermind1534
09-24-2008, 10:04 PM
The proxy that I use at school is 200.52.42.39 Port 8080. It isn't always on during the early hours in the morning, but it's usually up when I need it. You could also try Psiphon (http://psiphon.ca/download.php). I also found a way to use Google image search. First, try simply going to googlee.com instead of google.com. If that is blocked, or redirects to google.com, you can take the blocked URL, and replace images.google.com/images... with l.google.com/images...

Omega
09-24-2008, 10:16 PM
The proxy that I use at school is 200.52.42.39 Port 8080. It isn't always on during the early hours in the morning, but it's usually up when I need it. You could also try Psiphon (http://psiphon.ca/download.php). I also found a way to use Google image search. First, try simply going to googlee.com instead of google.com. If that is blocked, or redirects to google.com, you can take the blocked URL, and replace images.google.com/images... with l.google.com/images...

The filters that SCOE uses block ALL google.com/images and images.google domains. Even foreign language ones. We've tried.

Also, it's started blocking Google PDA and whatnot.

nevermind1534
09-24-2008, 10:21 PM
I tried the foreign ones, and they were the same for me, but I found l.google.com and any of Google's IP addresses/images... works with Websense, at least. That's an "L" in front of google. You can also see if Ask Jeeves is blocked yet, because they can't block just the image searches, they have to block the whole Ask website, instead. That proxy that I listed is about as fast as the school's net connection. If you use MySpace with that proxy, you will have to change the country/language to United States (english), or Estados Unitados (ingles). You should also try Psiphon.

Omega
09-24-2008, 10:27 PM
I tried the foreign ones, and they were the same for me, but I found l.google.com and any of Google's IP addresses/images... works with Websense, at least. That's an "L" in front of google. You can also see if Ask Jeeves is blocked yet, because they can't block just the image searches, they have to block the whole Ask website, instead. That proxy that I listed is about as fast as the school's net connection. If you use MySpace with that proxy, you will have to change the country/language to United States (english), or Estados Unitados (ingles). You should also try Psiphon.

Been playing with Psiphon. It's working real well internally, now I just gotta get a hardwired box on a DMZ or port forward to this machine. I pretty much got it handled from here. Thanks for the help, dude.

Indybird
09-24-2008, 11:29 PM
I have the same problem at my school. It is terribly crippling to not have access to Google Images for in-school work. But lately they've just been blocking a lot of random stuff. I use Windows SkyDrive essentially as a go-anywhere 5GB flash drive, but they blocked that also. I've given up on trying to get around because the tech guy(s) at our school have too much time on their hands. They essentially look at suspicious programs and web addresses accessed or installed by students, then proceed to block them. With their vigilance it's an ultra tight system.

The blocker seems to block a lot of non-inappropriate (inappropriate being games, violence, nudity, etc...) things, and that's why I'd want to get around mine.

-Indybird

Trace
09-25-2008, 12:49 AM
Well, as others have said, I don't condone this, but I have had the need at my school also (Websense). One program I have found that works well would be Ultra Surf. But, if you want to set up an SSH on your XP computer, I believe, I repeat, I believe, that you can use OpenSSH. A tutorial can be found here. (http://lifehacker.com/software/home-server/geek-to-live--set-up-a-personal-home-ssh-server-205090.php)

At my high school, we used to have a guy that ran a server and used PuTTY with it too, as someone else said.
I would have this set up at my house, but the way I get internet (through a WISP) I can't expose my IP.

I hope this helps you in some way.

nevermind1534
09-25-2008, 09:29 AM
Trace, see if this link works at school. http://images.l.google.com/images?hl=en&q=mysterious%20cavern&btnG=Search%20Images&gbv%20=2&safe=active It works for me with Websense. I'm actually at school right now in "Digital Photography." I was somewhat surprised to find that TBCS isn't blocked.

Trace
09-25-2008, 09:59 AM
I'm at school too on their wifi and it worked.

Omega
09-25-2008, 12:10 PM
ultrasurf is working very, very well. I still want to set up my own psiphon server, but ultrasurf is working well for now (and it's quick, too). Cheers.

Omega
10-21-2008, 12:17 AM
bumping and unlocking for suggestions for filter bypassing under Kubuntu 8.04 (KDE4.1.2 if it makes a difference), sans proxy servers set up in FF of course.

Omega
10-21-2008, 12:20 AM
whoops forgot to unlock

nevermind1534
10-21-2008, 09:07 AM
As long as you have Java, you can try toonel (http://toonel.net). I found it hidden in a shared directory with project 64 at school. Just put a check in the box that says to use SSL. It's on the bottom, if you click the mapping tool. If you have trouble getting/finding it (for download), I can send you the applet. This doesn't matter to you, but when I go into the folder that it's in, it gives me admin rights.