Language:
switch to room list switch to menu My folders
Go to page: First ... 29 30 31 32 [33] 34 35 36 37 ... Last
[#] Wed Mar 04 2009 14:59:38 EST from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

okay here's an odd one.
Is there a publicly available proxy server?

I'm still fighting firewall problems, and it just occured to me that while I can't get our company'sproxy servers to work, I have a tunnel out, so I just need a proxy server somewhere on the web I can use.
And I'd really rather not install one myself, unless it's braindead simple.

[#] Wed Mar 04 2009 15:00:10 EST from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

oh, for linux.

[#] Wed Mar 04 2009 15:05:35 EST from rod @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

You can proxy through SSH on a Windows box
http://kimmo.suominen.com/docs/proxy-through-ssh/

Same idea to proxy through a linux box. Use it all the time for testing the "outside".

You'll actually need another computer to proxy through though.

If you don't have one, let me know. You can use my cgi web proxy or a ssh shell on one of my servers.


[#] Wed Mar 04 2009 15:07:48 EST from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

well I just found micro_proxy, I guess I ahven't been paying attention, there's tons of these.
Now I'm just trying to figure out what happened to inetd
I know it chnged to xinetd a while ago, now I'm running ubuntu is there a similar service like inetd?

[#] Wed Mar 04 2009 15:31:18 EST from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Amazing.
After all these years I never noticed I wasn't running [x]inetd.
So I got it working.
tunnels and packetbouncers and proxys all over the place, but I can update eclipse and it works.
Slow as shit but it's better than zero.

[#] Wed Mar 04 2009 15:57:30 EST from rod @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

You can still do xinetd if you want to; it's in /etc/xinetd.d if you haven't found it already.

[#] Wed Mar 04 2009 16:14:21 EST from Peter Pulse @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

You can use a socks proxy too, firefox supports it, just plug in the ip address of your socks proxy and you're done.

[#] Wed Mar 04 2009 16:16:13 EST from Peter Pulse @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Hey, I am buying some SATA cables.. I never had to buy SATA cables before, I only put SATA drives into exteral enclosures thus far, I haven't needed cables. Anyway, my question is, can I just get SATA II cables and use them?
Or do I have to worry that my motherboard or drives might be SATA (not SATA II)???

[#] Wed Mar 04 2009 16:24:30 EST from rod @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

I didn't know there was a difference; mine look like this:
http://www.computervideogear.com/sata/images/sata18ra1-l.gif
My drives just said 3.0Gb/sec. Is that sata I or II?

[#] Wed Mar 04 2009 16:27:11 EST from Peter Pulse @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

3 Gb/sec is SATA II

[#] Wed Mar 04 2009 17:14:03 EST from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Hey Ford, are you familiar with "ssh -D" ?? If not, read the man page and rejoice. It turns your SSH client into a SOCKS proxy, which you can then point your browser (or whatever) at. Any connections sent to the proxy come back out (and then presumably go out to the Internet) on the machine you are SSHing to.

[#] Wed Mar 04 2009 17:45:24 EST from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

You can use a socks proxy too, firefox supports it, just plug in the ip

address of your socks proxy and you're done.

The problem is eclipse. I'm trying to do software updates from eclipse on my sandbox (since I finally got vnc working, it's now at least somewhat usable to use eclipse on the sandbox.)
Of course I'm not there yet, now I'm fighting to get subversion to work, then I'm sure nothing will compile, but I'm getting closer.

[#] Wed Mar 04 2009 17:52:53 EST from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Hey Ford, are you familiar with "ssh -D" ?? If not, read the man page

and rejoice. It turns your SSH client into a SOCKS proxy, which you

That's the kind of thing I was looking for, but it's got to be an http proxy, the new standard of firewall avoidance.
Tell me they don't have an ssh or some other type of tunnel that can maintain a persistent socket over an http proxy. That's all we REALLY need, then everything's fair game.

With judicious use of my packetbouncer, a few ssh tunnels and micro_proxy, I've gotten past that hurdle.

[#] Wed Mar 04 2009 22:42:07 EST from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

If you've got some control on the server end, you can get past most firewall nazis by running your SSH server on port 443. This will work unless the firewall nazi has actually blocked HTTPS (which is unlikely), because HTTPS cannot be proxied at the application layer.

There is in fact a large market now for VPN servers that do SSL-encrypted tunnels on port 443 instead of, or in addition to, IPSEC ... expressly for the purpose of allowing the clients to punch through firewalls.

[#] Thu Mar 05 2009 11:36:08 EST from fleeb @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]


I loved the name I had for my BBS... shortened form was Mach's Mach (which just looks funny). I also loved my handle, but couldn't retain the use of it because so many other people seemed to claim it on the interwebs.

So, I reverted to using 'fleeb', which is somewhat more unique (although all the Frank Leebs out there seem to screw it up for me).

[#] Thu Mar 05 2009 13:04:48 EST from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

I think it's a safe bet that I am the only IGnatius T Foobar on teh entire intarwebs.

[#] Thu Mar 05 2009 13:36:45 EST from LoanShark @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]


I'm the real LoanShark yes I'm the real Loanshark all you other fake LoanSharks are just imitating, so won't the real LoanShark please stand up?

[#] Thu Mar 05 2009 17:09:22 EST from Ford II @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

If you've got some control on the server end, you can get past most
firewall nazis by running your SSH server on port 443. This will work

unless the firewall nazi has actually blocked HTTPS (which is
unlikely), because HTTPS cannot be proxied at the application layer.


Maybe you can splain this to me.
I had this eureka moment one day a number of years ago at at&t when I realized, wait they can't possibly proxy 443 without being a man in the middle attack, and I figured all sorts of things that I knew the server's ssh host for would come up incorrectly.
So sure enough I telnetting to 443 (setting up 443 on my machine for something else) and voila, clear way out.

Then I got to harris, and I figured the same thing.
Nope.
They somehow proxy https traffic. I don't know how, never bothered to look into it much, but I can't imagine how they're doing it.

[#] Thu Mar 05 2009 19:41:07 EST from rod @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

What happens when you telnet to the proxy on 443?
Maybe you have an ssl session with the internal proxy and the proxy connects externally. ??

[#] Thu Mar 05 2009 23:08:16 EST from IGnatius T Foobar @ Uncensored

[Reply] [ReplyQuoted] [Headers] [Print]

Ford: you are correct that they can't proxy HTTPS without setting up a man in the middle attack. So now you've got to remember the answer to an important question:

--> The first time you connected to an encrypted web site through your company's firewall, did you accept a certificate from the firewall itself?

That's the only way I could see that being done. The firewall could issue a locally signed wildcard certificate, force all of its users to accept it once, and then use that for proxying HTTPS connections.

Go to page: First ... 29 30 31 32 [33] 34 35 36 37 ... Last