HTTP Tunneler

[Armin]

Well I'm at school right now and I'm basically just pissed that almost every website I try to go to is blocked. When I get home, I'll probably install a HTTP Tunneler on my server. Anyone know of any decent remote HTTP Tunnelers written in PHP?

[iago]

Can you connect to external computers on port 22?  If so, you can tunnel through SSH, that's the best way. 

Alternatively, install an HTTP Proxy (not Socks) that runs on port 80.  An HTTP proxy basically tunnels HTTP requests over HTTP. 

[Sidoh]

I'm not very experienced in this area, but I don't think using a Proxy would make much of a difference.

Also, if your filter doesn't overlook content (IE page title, first few blocks of HTML, etc), you're still screwed even if you use HTTP tunneling.

[iago]

True, it would have to be encrypted.  I think you can  use a proxy over SSL, though.

[Sidoh]

True, it would have to be encrypted.  I think you can  use a proxy over SSL, though.

Yeah, I think that would work too, unless the content filter is in some way able to request/obtain the encryption key.  But then not very many pages on the internet have secured versions. :\

[iago]

True, it would have to be encrypted.  I think you can  use a proxy over SSL, though.

Yeah, I think that would work too, unless the content filter is in some way able to request/obtain the encryption key.  But then not very many pages on the internet have secured versions. :\

Well, you'd set up a proxy, which uses SSL.  Between the proxy and the destination page, who cares?

You <==encrypted==> filter <==encrypted==> your proxy <==unencrypted==> destination

[Blaze]

I just use www.formetopoopon.com to get around anything.

[Joe]

The filter sits right between you and the proxy and has access to everything you say to eachother, including the key exchange. Wheather it takes advantage of that or not is beyond me, but it has the ability to.

[iago]

The filter sits right between you and the proxy and has access to everything you say to eachother, including the key exchange. Wheather it takes advantage of that or not is beyond me, but it has the ability to.

No, because SSL uses public key cryptography.  I don't feel like explaining it again, but suffice it to say, public key cryptography isn't vulnerable to being sniffed, that's the entire point. 

[Sidoh]

The filter sits right between you and the proxy and has access to everything you say to eachother, including the key exchange. Wheather it takes advantage of that or not is beyond me, but it has the ability to.

What iago said.  It doesn't...

There isn't any key exchanging in public key cryptography.

[Quik]

Just install apache and php and grab a webproxy script (something like ezproxy.net if it were ever up) and mirror pages in a frame.

[iago]

The filter sits right between you and the proxy and has access to everything you say to eachother, including the key exchange. Wheather it takes advantage of that or not is beyond me, but it has the ability to.

What iago said.  It doesn't...

There isn't any key exchanging in public key cryptography.

There IS key exchange, but it's public keys.  When symmetric keys are exchanged over SSL (I'm pretty sure they are), they're encrypted with a public key.

[Sidoh]

There IS key exchange, but it's public keys.  When symmetric keys are exchanged over SSL (I'm pretty sure they are), they're encrypted with a public key.

Oh yeah, forgot the public/private keys had to be relational.  Silly me.

[Joe]

Er, when we were discussing MITM attacks, didn't you say that if you have the persons public key, you can read what they're saying, just not say something for them?

[Ergot]

Hmm I think it might be the other way around... You can send things but you can't read them.