Techware Labs Header

Forums have moved

See this announcement for more details, or just go directly there.

  #41  
Old 05-10-2006, 11:33 AM
smartkid smartkid is offline
Techie
 
Join Date: Aug 2005
Posts: 127
Send a message via MSN to smartkid
Default

the error on the forum was becuse of my free host, a friend runs it but the hosting still is far from perfect, its working now for me so sorry
Reply With Quote
  #42  
Old 06-08-2006, 03:18 PM
vee_ess's Avatar
vee_ess vee_ess is offline
Super Moderator
 
Join Date: Aug 2001
Location: Phoenix, Arizona
Posts: 2,781
Send a message via ICQ to vee_ess Send a message via AIM to vee_ess Send a message via MSN to vee_ess Send a message via Yahoo to vee_ess
Default

Quote:
Originally Posted by Jason425
umm yeahhhhhhhhhhh so anywayyyyyyyyyyyyyyyyyyyy... Merc even scares me... don't fight him. He'll tear your head off.
Yeah, Merc is scary. He reads so flippin much, and then he remembers it all.

Tyler, I'm proud to say I'm also self taught and also hate working on computers other than as a hobby. I don't want to be a cop, though.

As for the topic at hand...
Websense is a highly adaptive filter. Any domain that passes through their DNS will be reviewed if it is not in their database. So, if you use a proxy today, their servers will put it in a queue to be checked and it will be detected as a proxy. If you go back a few weeks later, it probably won't work any more, hence Gmail stopped working for you.

Now, as for it detecting Gmail through a proxy? Well, that probably didn't happen. Many inferior proxies can't handle SSL, yet Gmail requires it. The proxy you accessed probably used an iframe or some other method for relaying the encrypted content directly, thus enabling Websense to block it.

I think what Merc has been trying to say is that since you want people to take you more seriously, you should allow yourself to be perceived more professionally. One big step would be to spell words correctly such as loathe and many, as opposed to "lauth" and "menny". I wouldn't assume that your school is trying to be an agist organization, they may have legitimate reasons. Most of the professional organizations I have come across avoid forums, especially when dealing with minors. I know this from personal experience.
Reply With Quote
  #43  
Old 02-27-2007, 12:32 PM
tekmonkey2 tekmonkey2 is offline
Techie
 
Join Date: Dec 2006
Location: behind you
Posts: 26
Send a message via AIM to tekmonkey2
Default damn that filter

ok, here's the thing, i'm being watched so i have to be quick.
first check the blocker you have. if you can sign in as the admin, you can delete the program in the program list that blocks ur mail. i have about 11 pages of work on taking down filters and blockers so just wait until i finish.
i'm working on a program that is once downloaded, deletes the firewall and the filter ONLY if it's stored on the pc itself. i may be a junior techie but i have a hell of a lot of info and expierence under my belt.
Reply With Quote
  #44  
Old 03-14-2007, 04:43 AM
vee_ess's Avatar
vee_ess vee_ess is offline
Super Moderator
 
Join Date: Aug 2001
Location: Phoenix, Arizona
Posts: 2,781
Send a message via ICQ to vee_ess Send a message via AIM to vee_ess Send a message via MSN to vee_ess Send a message via Yahoo to vee_ess
Default

I'm sorry, but that doesn't make any sense at all.

If you can sign in as the admin, you're home free already... Even if you wanted a challenge and chose to insist on using an exploit, why would you ever delete your back door? Instead why not permanently allow a particular proxy, the list that is likely that no one will ever check. I've done some real hacking a time or two, and I've always assumed the hacker mentality to find access and manipulate it, rather than just plug it up for everyone. Then again it's been a couple of years for me, and I might just be out of date from the modern Brute-Force-Delete method.

Pardon my ignorance. But then again, I have never seen large-scale networks operate with client-side filters. They route all Internet bound traffic through a single server that monitors all DNS requests. These systems generally use two methods to filter the most current threats. First, they have an adaptive system that attempts to decipher content and self-update. Second, they automatically report that data to a centralized database for that particular filter, and download updated definition files. This means you can delete anything you want on any client computer, and even load your own OS, but you will still be filtered.

I apologize for the level of aggressiveness in some parts of my post, but the cause is two-fold; I took a test-booster for workout purposes, and also there have been way too many posts about Bess (and others like WebSense, etc.). So in hope of reducing further Bess posts, here's how to bypass those filters via a chained proxy method:
1) Setup an SSL proxy and an HTTP proxy on your own computer.
2) Setup password authentication for the HTTP proxy.
3) Setup your error pages, specifically 403 and 407, to look like legitimate pages (this prevents your proxy from being flagged by the filter's crawlers).
4) Load Firefox or Opera with both the SSL and HTTP proxies set.
5) Access the HTTP proxy, and login; the HTTP proxy will be routed through the SSL proxy automatically.

If this sounds like too much, just use proxy authentication if you know how (that was just a stripped alternative to handle general case). If this is beyond your capabilities, well then that just sucks for you.
BTW, smartkid, the IT guy that outsmarted you was a computer program :P
Reply With Quote
  #45  
Old 01-09-2008, 10:23 AM
allice_cullen_93 allice_cullen_93 is offline
Junior Techie
 
Join Date: Jan 2008
Posts: 3
Send a message via Yahoo to allice_cullen_93
Default

Well im not going to get into this really but i agree with smart kid in that if some IT person said something like that to me i would get mad too but i think that you should not have fought but I guess its over now so it really dosent matter
Reply With Quote
  #46  
Old 01-31-2008, 06:12 PM
blakcshadow blakcshadow is offline
Junior Techie
 
Join Date: Jan 2008
Posts: 2
Default

Websense also blocks certain keywords, so they might have gotten you that way
Reply With Quote
  #47  
Old 06-28-2008, 12:59 AM
papsy papsy is offline
Junior Techie
 
Join Date: Jun 2008
Posts: 1
Default

(I haven't read the entire thread, and I don't intend to)

In response to the OP: It could easily have been DNS related. Even though you were connecting through the proxy, there's a good chance the DNS request (asking for the IP of gmail.com) was passed to the local/default DNS server - which instead of replyng with gmail's actual IP, replied with the IP of the "you have been blocked" page (or did something else not so nice).

Out of curiosity, what happens if you try something like:

http://1245019805/proxy.pl?url=http:.../&proxy=random

By using numbers (instead of hostnames), I'd imagine it circumvents some filters. The basic formula is:

(first octet * 16777216) + (second octet * 65536) + (third octet * 256) + (fourth octet)

So www.samair.ru (66.246.218.29) for example:

(66 * 16777216) + (246 * 65536) + (218 * 256) + 29 = 1123473949

So while http://www.samair.ru/proxy/ may be blocked, http://1123473949/proxy/ might not be.
Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -5. The time now is 08:51 AM. Powered by vBulletin® Version 3.6.5
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Forum style by ForumMonkeys.