SSH Tunneling

[valmore]

Hi All

This is my situation at present, I am a border and my school has officially gone wonky with internet restrictions. They've installed OpenDNS and put the filtering on beyond maximum and added quite a few custom restrictions to their firewall (Like Gmail for some unknown reason!!!) :wtf:

I've spoken to all the necessary people but no one is going to budge, and so I wanted to know if it would be possible to create a secure encrypted tunnel that goes via their proxy server (that's on the LAN) to a PC at my house, thus enabling me normal access to the internet.

The internet is shut off at 10:00pm and started again at around 6:30am but if you (for example) start a Skype call or download it will continue until the downloads' connection is dropped or the call is put down. Thus my question is would there be a way to keep this tunnel open after the internet has been "shut-off" so internet usage can continue.

All ports other then port 80 have been blocked restricting things further. I seem to remember hearing somewhere that it might be possible to forward all the ports into the tunnel and then send them on their way again on the other side.

I am completely open to try any possible solutions, just let me know.

Thanks in advance
Cheers
Valmore

 

[FaTaL]

I suggest you get yourself Bitvise Tunnelier.

What you can do is setup a SSH server (Linux box for example) at your home to listen on port 80.
Then from your computer at school, tick the "Enabled" box for SOCKS / HTTP Proxy Forwarding under the Services tab of Tunnelier. The default details under the tickbox should be fine.
You can then SSH into your home box from school using port 80 (Tunnelier allows you to enter proxy details for the connection) (Login tab)

Once you are connected, just change your browser proxy settings to use the SOCKS proxy at 127.0.0.1 Port 1080 and viola, unrestricted internet!
You can then get any other application that supports socks proxies to work in the same manner.

If they don't drop existing connections after 10pm, then you should be fine unless the net drops temporarily or something.

 

[The_Unbeliever]

best ask yourself why they enabled such strict restrictions. If you try to bypass it, you might get yourself into trouble.

 

[valmore]

@ FaTaL
> Thanks for the help! I'll try it as soon as I can and get back to you

@ The_Librarian
> The reason that they put such strict restrictions up is because they were having problems with line speed during normal school hours, but I intend to use the internet at night when there are 1/4 of the pupils online, so I don't see this as such an issue

 

[FaTaL]

Yeah, if you are going to quite obviously bypass their restrictions, you have to be ready to accept the consequences if you get caught!
That said, I find it quite strange that they disable the internet after 10pm.. sounds like a measure to prevent people from staying up too late or something. If you have good self control, I can see that being quite annoying!

If you do this, you might want to be careful to keep your usage low after 10pm. If they look at their bandwidth graphs at all and you are a heavy user, they might notice an unusually high amount of usage after 10pm.

 

[markings]

Don't you need your own (home) internet connection to connect to the school server? Why not use that for all 'work' you do from home?

 

[Asha'man X]

Generally speaking, this is a dangerous thing to do. If the network admin spots this, they usually come down on you like a ton of bricks. I would know, I do this with kids at our school who fiddle around too much. This kind of thing can lead to all sorts of miseries like being cut off from the net for the rest of your school years and so on, so be careful.

 

[valmore]

Don't you need your own (home) internet connection to connect to the school server? Why not use that for all 'work' you do from home?

Yes, I do have a home internet connection but I am at boarding school during the month and so I only have access to my home internet every so often, and yes, it is 'work'. I'm sure you've sat up late trying to finish something, now just imagine you can't complete it because the internet is down and you can't get the sources you need? Last time that happened I ended up using my phone as a modem and R90.00 worth of airtime later I had a project.

Generally speaking, this is a dangerous thing to do. If the network admin spots this, they usually come down on you like a ton of bricks. I would know, I do this with kids at our school who fiddle around too much. This kind of thing can lead to all sorts of miseries like being cut off from the net for the rest of your school years and so on, so be careful.

Thanks for the warning, I'll be sneaky!

General Note: I'm not doing this to game or download, to attempt to do this would be insane. I only have a 384 line at home and so the up speed is almost nothing and the lat for any form of gaming would mean it just wouldn't work. This is just so I can use the internet as I'm sure any of you reading this can.

Thanks for all the help so far

 

[markings]

Yes, I do have a home internet connection but I am at boarding school during the month and so I only have access to my home internet every so often, and yes, it is 'work'

I still don't get it. No matter where you are, at home, or in your room at boarding school, you need an internet connection to connect to the school server via some 'tunnel'. If that is the case what does connecting to the school server bring you which you can't get via a direct internet connection?

 

[FaTaL]

I still don't get it. No matter where you are, at home, or in your room at boarding school, you need an internet connection to connect to the school server via some 'tunnel'. If that is the case what does connecting to the school server bring you which you can't get via a direct internet connection?

My understanding is this:

He is boarding at his school. His computer in his dorm room is connected to the school network, and hence has (limited) internet access. He has a internet connection at home. So if he sets up an SSH server at home, he can connect through the school's internet (from his dorm room) to his home computer and setup a tunnel. When using the tunnel, a webpage request will first go through his school's network, through the proxy server to his come computer (through the tunnel) and get his home computer to fetch the webpage, which will then get sent back the way it came.

 

[valmore]

My understanding is this:

He is boarding at his school. His computer in his dorm room is connected to the school network, and hence has (limited) internet access. He has a internet connection at home. So if he sets up an SSH server at home, he can connect through the school's internet (from his dorm room) to his home computer and setup a tunnel. When using the tunnel, a webpage request will first go through his school's network, through the proxy server to his come computer (through the tunnel) and get his home computer to fetch the webpage, which will then get sent back the way it came.

Perfectly Explained

 

[markings]

Perfectly Explained

OK, can you also answer the question about what is gained using this scheme as opposed to accessing the webpage directly?

 

[valmore]

Often the web pages are blocked and so this would provide an easy(er) way than having to keep finding new proxies to be able to use things like Gmail.

It would also remove the usage time restrictions because the tunnel (apparently) would be kept open after 10:00pm when the internet is shutdown