Step 2 Circumventing Website Blocking

Alright, so you know how your favorite website is being blocked - now its time to get creative and circumvent that security. I just want it to be known - screwing with someone elses system is never a good thing. I do not condone doing anything malicious to a computer that is not your own, and am assuming that for some ridiculous reason your administrator blocked google.com which is just plain crazy.

First off, there are some absolutely invaluable tools available nowadays to really make things easy. The absolute essential bootcd for any IT person should be a copy of "MiniPE" or some version of "BartPE" (there are also some great linux varieties out there like Knoppix). These are bootable operating systems that usually come jam packed with essential utilities for diagnosing hardware issues, fixing filesystems/registry/etc... and virus/spyware elimination. Instead of booting the computer off your hard drive as usual, it loads completely off the cd and into a ramdisk leaving your hard drive untouched, gives you a windows friendly interface, has NTFS support, and is network enabled. Pop the cd in, and while the computer is rebooting, you need to tell it to boot from the cdrom. Usually you press F2 to go into the BIOS and arrange the cdrom as a higher boot priority than the hard drive, but on some machines (DELL) there is the F12 to boot from another device.

Which technique to circumvent?

IE Zones - simple and quick. Get yourself a usbstick and a copy of portable Firefox. Not only is the firefox browser really superior to IE (gotta love tabbed browsing which IE is implementing in version 7), but it can be put and ran off a usb stick. This means you don't have to have administrator priviledges as its not installed, and Firefox doesn't pay any attention to IE zones. Another option is to simply get a copy of MiniPE (mentioned above) and boot from that - it comes with Firefox browser on it.

HOSTS File - tougher to get around. Essentially to eliminate the HOSTS file blocking you need to edit the file itself (c:\windows\system32\drivers\etc\HOSTS). This is easier said than done as you have to have administrator priviledges to do so. While there are more than a handful of ways to make yourself admin - it'd be a little reckless to go into that. Instead there are some more unobtrusive options available. 1 is to boot using MiniPE above - and you can simply go into the file manager (there are several available to use) and edit the file. Just remove the entries that correspond to the site you're interested in or precede them with a "#" which tells it to be disregarded. 2 is to simply know the IP addresses of your favorite sites. On an unblocked machine, you can go to a command prompt (start->run->cmd.exe) and ping your favorite sites (c:\ping www.google.com). It will come back with the IP address of your site. The hosts file servers to translate your request for www.google.com into the numerical address. If you go into your web browser and use the IP (http://192.168.0.1) the hosts file doesn't have to be consulted at all. Now, depending on how far they went with HOSTS entries, you may find that while the IP for google.com now works, clicking on "Videos" doesn't as this is a different server. So make sure when you go pinging for IPs, that you find all the relevant ones like www.google.com, videos.google.com, images.google.com, etc... 3 is to have an offsite computer than you can remote into for use. Essentially, if you have a computer at home, you can enable remote desktop availability in windows (system properties -> remote desktop) and you can control your home pc as if you were sitting in front of it. While the computer you're on may be blocking your favorite site, your home pc isn't and you can just use it remotely. For remote desktop to work, you must know the IP address of your home computer and depending on your network setup, your computer may need to be placed into the DMZ if you are behind a router w/ NAT. Consult your router manual for details. Also, the network you are on needs to not be blocking remote desktop ports (3389) but few do as it's usually deemed essential for off site productivity (people working from home or on the road). To open up remote desktop at the client PC, its built into windows under programs->accessories->communication->remote desktop. *Note that remoting to your own machine is usually the best call as you really aren't screwing with the machine you are on - as in you're not screwing with someone elses property.

IPSEC/Firewall - this is where things get tough. Most of the techniques to circumvent this are going to be obvious to any administrator and get someone in trouble or fired, so i'm going to try sticking to the less meddling ones. 1 Remote to another machine - just like above, you're not screwing with someone elses computer, just connecting to your own - will work whether its IPSEC or Firewall blocking. 2 Boot from the MiniPE disk and use its copy of firefox. This will eliminate group policy or local policy from being applied as you aren't booting into your normal Windows OS. This will only work with IPSEC filtering as you're using the same network to goto the site, but its unobtrusive. 3 use a proxy server as a middleman for web activity. This is quite easy to do, but comes with some risk if you use an unknown proxy. If you do a google search for proxy servers you will come across thousands of pages with lists of free proxies or paid proxies. Some poeple sell the service as it gives the benefit of anonymous surfing for the most part. These paid for services are probably the most reliable as they should have higher speeds (non-public) and most likely are going to steal your info. The public servers I usually caution people away from, as when using a proxy, all your data goes through a single middleman (the proxy). A public free proxy could very easily be set up by anyone and the proxy administrator could be capturing all the data flowing through its service - stealing passwords/logins/cc#s/etc... The safest thing to do is setup your home computer as a proxy server. Similar to remote desktoping, you use you're own machine to redirect your internet traffic to another computer. Do a download.com search for "proxy server" and get ya a free server to test with. Normally the setup is pretty straightforward - and again if you're behind a router/NAT firewall at home you probably want to put your computer in the DMZ or do some port forwarding (read the manual). On the client machine, its as easy as going into IE tools->Internet Options->Connections->Lan Settings->Use a proxy server. Fill in the proxy IP and Port and you're good to go. Use portable Firefox if you're client computer won't allow you to change IE settings.

To sum up - MiniPE = Good. With it you can really do a multitude of things, but please keep in mind you're on someone elses property so tread lightly. Home PC with remote desktop enabled = Good. Don't even bother trying to circumvent established security - just connect to your own machine. Portable Firefox = Good. Better browser, doesn't need installation, doesn't do zones. While the above info is by no means exhaustive, i've tried to give some real options that keep me kinda feeling ethically guilt free.

http://portableapps.com/apps/internet/firefox_portable = Firefox

http://www.download.com/Proxy-/3000-2165_4-10141329.html?tag=lst-4-6 = Free proxy server

In windows->Start->Help and Support-> Search for Remote Desktop for specifics

Hope this helps someone out there, and good luck. Blocking google.com should be outlawed - shame on them.