Welcome, Guest. Please login or register.
Forums
« previous next »
Pages: [1]   Go Down

Author Topic: A challenge..  (Read 6546 times)

Description:

0 Members and 1 Guest are viewing this topic.

Offline pyrreTopic starter

A challenge..
« on: March 25, 2011, 01:29:06 PM »
I just received a challenge from my It manager.

At my work we have client computers located behind a firewall and an iron gate server.
The computers do not have admin accounts local. All is managed by active directory.
And certain websites are blocked at request from management.

The servers are intelligent enough to identify any http traffic outside the ordinary. Like http tunnel traffic.

However, my challenge.

Set up a HTTP tunnel server at home.
and run the traffic via the https protocol and encrypt it.

The purpose of this is to be able to browse any website i want.
And of course, the challenge of  braking through the irongate. :D

can this be done?
Logged
Amiga 1200 Tower Os 3.9
BPPC 603e+ 040-25/200, 256MBram, BVIsionPPC, Indivision AGA MK2.
Amiga 2000 (rev 4.0) Os 1.2/1.3
2088 bridgeboard, 2MB ram card, 2091 SCSI.
Amiga 500+ Os 2.1
Derringer 030, 32MBram, Buddha in sidecar, Indivision ECS.
Amiga CD32
Video decoder
 

Offline pyrreTopic starter

Re: A challenge..
« Reply #1 on: March 26, 2011, 11:04:04 AM »
@ all

No it is not for porn. i do that at home :D
And my boss has nothing to do with it. at all...
it is just me and the it management.
The IT dude meant it could not be done. the irongate would scan the datastream and detect http tunneling and discard the traffic.

I claimd if i did it over https and encrypted the stream it would not detect it. and would not discard the transmissions...
I have no clue to how to do it. which is why i asked...
Logged
Amiga 1200 Tower Os 3.9
BPPC 603e+ 040-25/200, 256MBram, BVIsionPPC, Indivision AGA MK2.
Amiga 2000 (rev 4.0) Os 1.2/1.3
2088 bridgeboard, 2MB ram card, 2091 SCSI.
Amiga 500+ Os 2.1
Derringer 030, 32MBram, Buddha in sidecar, Indivision ECS.
Amiga CD32
Video decoder
 

Offline pyrreTopic starter

Re: A challenge..
« Reply #2 on: March 27, 2011, 02:27:27 PM »
Quote from: Zac67;624829
He should be looking out for a new job...

As long as HTTP connections are not completely blocked or 'whitelist only' you can certainly circumvent ANYTHING. Those irongates are smart but not omniscient.

You could obfuscate the real URL you're querying into some wild session-id like number and put the response into, say a GIF image. Locally (behind the irongate) you'd run a rather simple proxy that obfuscates the URLs and extracts the responses from the GIFs. At home you'd have a proxy doing exactly the opposite. All the irongate would be seeing is you retrieving GIF images from some server.

If the irongate allows for HTTPS then everything is VERY simple: set up a standard HTTP proxy with an SSL listening port and connect to that. Done.

There is only one problem:
You have to use the internal proxy. If you change any proxy settings, the irongate blocks all of your traffic, even Lan activity.
You can only mask any traffic within the http(s) protocol.
Logged
Amiga 1200 Tower Os 3.9
BPPC 603e+ 040-25/200, 256MBram, BVIsionPPC, Indivision AGA MK2.
Amiga 2000 (rev 4.0) Os 1.2/1.3
2088 bridgeboard, 2MB ram card, 2091 SCSI.
Amiga 500+ Os 2.1
Derringer 030, 32MBram, Buddha in sidecar, Indivision ECS.
Amiga CD32
Video decoder
 
Pages: [1]   Go Up
« previous next »