Punching through the Fortinet – Web Filter Evasion

Today, 20th of March 2013, I went into college as per normal, and tried accessing this site to upload a new post (which is now in drafts, I will publish it over the weekend). Anyway, I ran straight into this:

censored

Me, blocked.

I, quite naturally, became quite irate. I had missed my morning cup of coffee due to a delayed bus, and now this. Blocked. Censored. Denied.
I had gotten used to seeing this “page” quite often, as my web browsing habits (Security websites) tend to get flagged as “hacking” and suchlike. However, seeing my site blatantly blacklisted as a “malicious website”, i.e. one which slings malware at its viewers, was a step too bloody far.

After a slight rage-fest on Twitter, and several angry emails sent to various responsible persons (all of whom denied any responsibility so far, cowards!) I decided the best course of action would be publishing a guide on getting around these shitty web filters. As it so happens, Fortinet has a bigger gaping hole than, well, Goatse.
Generally speaking, the best way around any of this crap is to tunnel right through them. I shall outline the methods I have used with the most success over the last few months of putting up with this nonsense.

TOR – The Onion Router.
So, the last few posts concentrated on getting you TOR set up, and are linked at the bottom of this post. There is a very valid reason for this, and it is rather simple.

Fortinet “FortiGuard” has no bloody clue what TOR is, and does not block it. I can surf freely all day long without seeing a single “blocked” page, provided I am willing to tolerate severely throttled speeds and “the lag of TOR” during the connecting phase.

So, if you are stuck behind a Fortinet, TOR up! It is beneficial to your internet-health anyway! It makes you less traceable!

For TOR installation details, see the following posts:
Installing TOR on Ubuntu
Installing TOR on Windows
Installing Torbutton

Now, if they have blocked TOR, the following tricks will work:

SSH tunnels to port 443.
For a free shell that supports SSH to port 443, go to CJB.NET Shells
If, for some reason, even that fails… Let me know! I have had some luck with DNS tunnelling also.

So, in conclusion: Fortinet is trivial to bypass, you can do it blindfolded.

Ptunnel Setup and Usage (Server Side)

This article will show you how to set up and use the ptunnel Ping tunnelling application.
This is just the server side setup; I will write the client side later.

More info about ptunnel here: http://www.cs.uit.no/~daniels/PingTunnel/

First off, on the server (assuming a Debian/Ubuntu Linux server that you have root access to; I do not bother with other versions):

apt-get update
apt-get install libpcap-dev
apt-get install make

Install Dependencies

Next, download the ptunnel source code onto the server.

wget http://www.cs.uit.no/~daniels/PingTunnel/PingTunnel-0.72.tar.gz

Unpack the tarball and cd into its directory

tar -xf PingTunnel-0.72.tar.gz
cd PingTunnel

Download and unpack ptunnel

Type “make” to build it

make

Finally, on the server, you will want to install “screen” and start ptunnel inside a screen session, so that it keeps running after you log out.

apt-get install screen

screen -S pingtunnel
./ptunnel

Pingtunnel running

NOTE: To add a password, use ./ptunnel -x password

Now hold down CTRL and press A then D to detach from screen.

Detach from screen

That is the Ping Tunnel Server set up and running :D

When I have time, I will write the article about client side usage. Busy atm.
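
Seen from the network side, the ptunnel server set up above shows up as ICMP echo traffic with unusual payloads. The following is an added example (not from the original post or the ptunnel project) of a check that flags such packets. It assumes ptunnel payloads begin with the magic number 0xD5200880, uses a 64-byte size threshold chosen for illustration, and runs on constructed sample packets.

```python
import struct

# Assumption: 0xD5200880 is the magic number ptunnel writes at the start of
# its ICMP payload (kPing_tunnel_magic in the PingTunnel source).
PTUNNEL_MAGIC = 0xD5200880
ECHO_REQUEST, ECHO_REPLY = 8, 0
MAX_NORMAL_PAYLOAD = 64  # assumed threshold; default pings carry 32-56 bytes

def icmp_checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum over an ICMP message."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo(icmp_type: int, ident: int, seq: int, payload: bytes) -> bytes:
    """Construct a sample ICMP echo message (test data only)."""
    header = struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq)
    csum = icmp_checksum(header + payload)
    return struct.pack("!BBHHH", icmp_type, 0, csum, ident, seq) + payload

def classify_icmp(message: bytes) -> list:
    """Return the reasons an ICMP message looks like tunnelled traffic."""
    if len(message) < 8:
        return ["truncated"]
    if message[0] not in (ECHO_REQUEST, ECHO_REPLY):
        return []
    payload, reasons = message[8:], []
    # A valid message checksums to zero when the stored checksum is included.
    if icmp_checksum(message) != 0:
        reasons.append("bad-checksum")
    if len(payload) >= 4 and struct.unpack("!I", payload[:4])[0] == PTUNNEL_MAGIC:
        reasons.append("ptunnel-magic")
    if len(payload) > MAX_NORMAL_PAYLOAD:
        reasons.append("oversized-payload")
    return reasons

# Constructed samples: an ordinary 56-byte ping and a ptunnel-like packet.
NORMAL_PING = build_echo(ECHO_REQUEST, 0x1234, 1, bytes(range(56)))
TUNNEL_LIKE = build_echo(ECHO_REQUEST, 0x1234, 2,
                         struct.pack("!I", PTUNNEL_MAGIC) + b"A" * 200)

if __name__ == "__main__":
    for name, pkt in (("normal", NORMAL_PING), ("tunnel-like", TUNNEL_LIKE)):
        print(name, classify_icmp(pkt) or "clean")
```

In practice the input would be the ICMP portion of captured packets, and the size threshold needs tuning against the monitoring and MTU-probing tools that legitimately send large pings on the network in question.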