Punching through the Fortinet – Web Filter Evasion

Today, 20th of March 2013, I went into college as per normal, and tried accessing this site to upload a new post (which is now in drafts, I will publish it over the weekend). Anyway, I ran straight into this:


Me, blocked.

I, quite naturally, became quite irate. I had missed my morning cup of coffee due to a delayed bus, and now this. Blocked. Censored. Denied.
I had gotten used to seeing this “page” quite often, as my web browsing habits (Security websites) tend to get flagged as “hacking” and suchlike. However, seeing my site blatantly blacklisted as a “malicious website”, i.e. one which slings malware at its viewers, was a step too bloody far.

After a slight rage-fest on Twitter, and several angry emails sent to various responsible persons (all of whom denied any responsibility so far, cowards!) I decided the best course of action would be publishing a guide on getting around these shitty web filters. As it so happens, Fortinet has a bigger gaping hole than, well, Goatse.
Generally speaking, the best way around any of this crap is to tunnel right through them. I shall outline the methods I have used with the most success over the last few months of putting up with this nonsense.

TOR – The Onion Router.
So, the last few posts concentrated on getting you TOR set up, and are linked at the bottom of this post. There is a very valid reason for this, and it is rather simple.

Fortinet “FortiGuard” has no bloody clue what TOR is, and does not block it. I can surf freely all day long without seeing a single “blocked” page, provided I am willing to tolerate severely throttled speeds and “the lag of TOR” during the connecting phase.

So, if you are stuck behind a Fortinet, TOR up! It is beneficial to your internet-health anyway! It makes you less traceable!

For TOR installation details, see the following posts:
Installing TOR on Ubuntu
Installing TOR on Windows
Installing Torbutton

Now, if they have blocked TOR, the following tricks will work:

SSH tunnels to port 443.
For a free shell that supports SSH to port 443, go to CJB.NET Shells
If, for some reason, even that fails… Let me know! I have had some luck with DNS tunnelling also.

So, in conclusion: Fortinet is trivial to bypass, you can do it blindfolded.
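
From the filter administrator's side, SSH on port 443 and DNS sent to outside resolvers both show up in flow data, because SSH opens with a cleartext `SSH-` identification string (RFC 4253) whatever port it uses. The sketch below is an added example, not part of the original post; the flow record layout, the resolver addresses and the sample flows are constructed assumptions.

```python
# Added example (not from the original post): classify each flow by its first
# payload bytes instead of trusting the destination port.
# The flow layout, resolver addresses and sample flows are constructed.
APPROVED_RESOLVERS = {"192.0.2.53", "192.0.2.54"}  # assumed campus resolvers
EXPECTED = {22: "ssh", 80: "http", 443: "tls"}     # protocol expected per port
HTTP_VERBS = {b"GET", b"POST", b"HEAD", b"PUT", b"DELETE", b"OPTIONS", b"CONNECT"}

def first_bytes_protocol(payload: bytes) -> str:
    """Name the protocol from the first client bytes of a TCP stream."""
    if payload.startswith(b"SSH-"):
        return "ssh"   # RFC 4253 identification string, always sent in clear
    # TLS handshake record (0x16), major version 3, handshake type ClientHello
    if len(payload) >= 6 and payload[0] == 0x16 and payload[1] == 3 and payload[5] == 1:
        return "tls"
    if payload.split(b" ", 1)[0] in HTTP_VERBS:
        return "http"
    return "unknown"

def review_flow(flow: dict) -> list:
    """Return findings for one flow record."""
    findings = []
    if flow["proto"] == "tcp":
        seen = first_bytes_protocol(flow["payload"])
        expected = EXPECTED.get(flow["dst_port"])
        if expected and seen != expected:
            findings.append(f"port {flow['dst_port']} carries {seen}, expected {expected}")
    if flow["dst_port"] == 53 and flow["dst_ip"] not in APPROVED_RESOLVERS:
        findings.append(f"DNS to unapproved resolver {flow['dst_ip']}")
    return findings

SAMPLE_FLOWS = [  # constructed records
    {"proto": "tcp", "dst_ip": "203.0.113.10", "dst_port": 443,
     "payload": b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03"},
    {"proto": "tcp", "dst_ip": "203.0.113.20", "dst_port": 443,
     "payload": b"SSH-2.0-OpenSSH_6.1\r\n"},
    {"proto": "udp", "dst_ip": "192.0.2.53", "dst_port": 53, "payload": b""},
    {"proto": "udp", "dst_ip": "198.51.100.9", "dst_port": 53, "payload": b""},
]

if __name__ == "__main__":
    for f in SAMPLE_FLOWS:
        for finding in review_flow(f):
            print(f["dst_ip"], finding)
```

This covers only the port-mismatch and resolver cases; as comment 2 below notes, traffic masked as another protocol is a job for application-level control.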

7 thoughts on “Punching through the Fortinet – Web Filter Evasion”

  1. Also works on omniquad depending on the settings, like a lot of products I see while testing. There is so much out there that I have that been half setup or just sitting on the network doing nothing lol

  2. If the Fortigate is configured to block only by web filter, you can use tor without problems. If the admin turns on application level packet filtering (“Application Control”) and decides to block Tor, a normal install of Tor won’t suffice. Same is true for TCP over DNS and SSH tunnels. There are special versions of Tor which mask the packets as a different kind of protocol/application and thus bypass the FortiGate Application Control.

  3. And here we go again:
    Question: Do you manage that Blog server? I guess you only use this and not manage this. How do you know that this Blog server does not send out malware?
    Fortigate web filtering is an active service that is updated from thousands of fortigates over the world; when malware, viruses, trojans and other nasty stuff are detected, that website is automatically listed as malicious.
    Your TOR solution might have worked in this case but only because the network administrator did not block rogue DNS servers.
    TOR is easily blocked: only allow DNS resolution to registered DNS servers and set up an application filter to block TOR and TOR2WEB on a fortigate.

  4. As an admin, circumventing security protocols is grounds for immediate dismissal and possible legal prosecution. Oh and TOR / I2P is simple to block with a Fortigate. It is highly irresponsible to advocate criminal behavior.

    • Nothing criminal about bypassing censorship in my country, arguably, the censorship at an educational institute is questionably legitimate at best.

