Recently my work place implemented a web filter to keep people off of sites that they should not go to while they are at work. Obviously I have no problem with this as we’re not supposed to be sitting on the Internet all day, but there are some sites that we do need to get to that we use for work purposes and they are blocked by the filter. We are getting a list of blocked sites together to give to IT so they can unblock them for us, but in the meantime I wanted to see if I could circumvent to filter all together.
In high school we had a filter on the computers that blocked stuff like porn and games, but we figured out a way around that pretty quickly. We even went ad far as to install netbus and sub7, which are Trojan’s that gave us almost full access to the lab techs computer, remotely. I knew that web filtering had come a long way since high school so I wasn’t even sure where to start.
I knew a little bit about proxy websites where you would enter the URL of the site you wanted to visit into a text field on these proxy sites, and they would serve the pages through their server and it basically bypassed the filter. I’d never used one of these but it didn’t sound too secure for sites that required passwords and other personal info. And either way, they were all being blocked by the filter. Even if you search google for proxy, the results page is blocked.
So that method was a failure and really the only thing I could think of was to setup vnc or remote desktop at home and login to my home computer and serve webpages through that. While this method will work, it was painfully slow at times (using vnc through a browser if you can’t install apps) and Im not really sure how secure it is and what the IT department can see as far as traffic coming in and out.
At this point I was out of ideas. I’d never really been affected by a web filter so I had no experience trying to circumvent one, which is where my friend G comes in. We got to talking on skype the other night and I mentioned the web filter that work had implemented and how, as a challenge, I just wanted to see if I could get around it. Now G is a little more savvy at some stuff when it comes to computers, he can design, code, and knows servers pretty well. So he mentioned that I could open a secure SSH connection to either my home computer or my web server and tunnel the HTTP requests through either of those instead of the network here. This would allow me to view pages in my browser on my computer here as if nothing ever changed. Only problem was he didn’t know how to do it on a mac, but google helped me out.
I opened terminal on my mac at work, opened a secure SSH connection to my web server, then changed a couple proxy settings in the network preferences on the computer and that was it. I was now requesting pages through my server and sending the packets through a secure connection back to my work computer. All the websites that were blocked were now free to browse.
I had accomplished what I wanted to do. I had successfully circumvented the web filter and had full access to the web as if nothing changed. Once I knew I could do it I set all the settings back to what they were and killed the SSH connection and went back to filtered web. I just wanted to see if I could do it, I never wanted to risk my job and actually sit online all day browsing through an open connection to my server. I don’t know exactly what IT can see as far as that stuff goes so it’s not worth the risk, especially with things in the world as bad as they are.
So I highly recommend not doing this to get around your work web filter as it’s not worth losing your job over, but it could be useful in other places that may restrict your access to the web or just some place you don’t feel safe browsing the Internet on a certain network.
For the exact steps I took to do it, Click Here