Circumventing Network Filters Or Internet Censorship Using Simple Methods, VPNs, And Proxies

Internet censorship is the control of, or the suppression of information on the Internet.

It is most commonly achieved by blocking a user’s access to specific resources. The filtering of available information and resources can be based on a blacklist or it can be dynamic. In the case of a blacklist, that list is usually not published and may  be produced manually or automatically.
Due to the underlying distributed technology that the internet is comprised of the total censorship of information is very difficult if not impossible to achieve. The following article shows many ways, simple and complex, that information may be accessed or transfered using the internet’s distributed nature to bypass information filtering and censorship. In the long run censoring of information only harms the people who it is designed to protect. Many would argue that the censorship is not about protection but control and the enforcement of religious, economic or politically based ideals.

Depending on the method used to implement the censorship, the amount of effort and knowledge required to circumvent it may be trivial. It rarely takes more than a few minutes to bypass restrictions that are in place. In some cases a little more effort may be required but it is not beyond the reach of the average user. The following information isn't only applicable to internet controls, some of the methods below are useful when needing to bypass home or office network restrictions too.

Simple Methods To Try First

Many of them will work at least some of the time in many situations. However, they are also easy to detect and block

Pros:

• Easy
• Quick to try

Cons:

• Easy to detect
• No anonymity
• They do not encrypt or otherwise hide your communications
• Easy to block, vulnerable to keyword-based blocking and monitoring

Cached Pages And Mirror Sites

Many search engines keep copies of Web pages they have previously indexed called cached pages. When searching for a Web site, look for a small link labeled "cached" next to your search results.
The most well known is obviously Google. You can retrieve Google’s cached version of a page via the cache: search operator.

EG: type "cache:www.notascoolasitseems.com / " into Google’s search box.

This will take you directly to the cached version of the page if it is available. Since you are retrieving a copy of the blocked page from the search engine's servers and not from the blocked Web site itself, you may be able to access it. Because this is so simple some countries have targeted caching services for blocking, as well.
There are also " mirror" services available on the net these duplicate the content for various reasons eg http://www.mirrordot.com/ (woohoo will you look at that background) was created to try and reduce the slashdot effect. 

Translators

There are many language translation services available on the Internet, some provided by search engines.

When you access a site via a translation service, the translation service is accessing the blocked site, not you. This allows you to read the blocked content translated into a number of different languages.

You can use the translation service to bypass blocking, even if you don't actually need to translate the text.

Do this by choosing translation from a language that does not appear on the original Web site back to the original language. 

EG: To access NotAsCoolAsItSeems translate from Chinese to English. The translation service translates only the Chinese sections (there are none), and leaves the English sections (which is the whole Web page) untranslated.
See here as an example 

Popular translation services:

• Babelfish
• Google Translate

Access Web Pages Through E-mail

These services are intended for people with slow or unreliable Internet connections they let you request a web page via e-mail. The service sends an e-mail that includes the requested web page in the body of the message or as an attachment. You could use them from a secure web mail service. Web2Mail is an example of one of these services.
 
By default, Web2Mail Lite delivers web pages as HTML without including any web page images. You may choose to have images included if you wish. To use it, send an e-mail message to www@web2mail.com with the URL of the Web page you want in the subject line.
Web2Mail Lite even allows you to search the web by email. For example, to search for "circumvention of censorship" send an email to www@web2mail.com with the subject "search circumvention of censorship ". 

RSS Aggregators

Many websites have one or more RSS feeds, RSS stands for "Really Simple Syndication" An RSS aggregator connects to other sites, downloads the feeds that you have selected, and displays them. This is not the same as having an application on your own PC that directly accesses and downloads the RSS feed. It is usually a third party site that displays the news for you in a browser. Since it is the aggregator service connecting to the site and not you, you may be able to access information that would otherwise be blocked. This technique works only for sites that publish RSS feeds of their content. It is most useful for blogs and news sites. 
There are many free, online RSS aggregators available. Some of the most popular ones include Google Reader and Bloglines

Low-bandwidth Filters

As with translation and aggregation services, you can also use low-bandwidth filters to bypass simple web site blocking by fetching web sites from the service rather than directly accessing it yourself.
At the time of writing http://www.loband.org/loband/main is available for use.

Alternative Domain Servers, Domain Names And Modified URLs

DNS servers translate a human-friendly Web address such as www.google.com into the IP address that identifies the specific server with that page on the Internet. This service is most often provided by DNS servers maintained by your Internet Service Provider (ISP). Simple DNS blocking is implemented by giving an incorrect or invalid response to a DNS request.

You can potentially bypass this type of blocking with these techniques: 

Type the IP address manually into your browser to go to the sites main page.

EG: "209.85.227.147" at the time of writing will take you directly to Google

The format is "ipaddress"/blocked.htm

This page will give you the IP address of a domain.
 

Obfuscate URLs and IP addresses to bypass URL filters.

Specifying an IP address (as stated above) in a numerical base other than base 10  
 EG:  64.233.169.104 , another IP address of Google
Due to the relative obscurity of using this method to denote an IP or URL.  It is possible that URL filtering tools and existing security products may lack support to correctly identify the URLs as valid or flag them as being blocked.

Octal (8) , hexadecimal (16), and even a single 32bit numbers work in most web browsers and each will take you to Google or which ever IP you have converted. 

Use this to convert an IP Address if you need to. There are other free stand alone tools you can download on the net to do this.

Alternate Domain Names
One of the most common ways to censor a web site is to block access to its domain name, for example, "news.bbc.co.uk". However, sites are often accessible at other domain names, such as "newsrss.bbc.co.uk". Google is also available from "www.gooooooogle.com". Misspellings of the domain or the addition of news rss or even changing the domain suffix( .org .com .net etc ) can sometimes be successful. 

If one domain name is blocked, try to see if the content is available at another domain, does another domain name point to the same resource?

Modified URLs

The success of modifying a URL is dependent on how specific the blocking method is.

Some of these examples might give you an idea of how to bypass simple filtering that only blocks specific pages of a site.

Blacklisted page address :  www.blacklisted.com
Possible working modification : www.blacklisted.com/

Blacklisted page address :  www.blacklisted.com
Possible working modification : blacklisted.com/

Blacklisted page address :  www.blacklisted.com
Possible working modification :  www.blacklisted.com/index.htm (or index.html, htm?, index.php, index.asp, etc)

Use Alternative DNS Servers

An extension of this technique is to bypass the Domain Name Servers of your local ISP, using third-party servers to reach domains that may be blocked by the ISP's servers. There are a number of free, internationally available DNS services that you can try. 
OpenDNS provides one such service and also maintains guides on how to change the DNS server that your computer uses. . There is also an updated list of available DNS servers from around the world at DNSserverlist.org.

Google also offers free DNS 
To try it out configure your network settings to use the IP addresses 8.8.8.8 and 8.8.4.4 as your DNS servers.
 

Proxies and Proxy Servers
 

A web proxy allows you to retrieve a web site even when direct access to that site is blocked at your location. Typically, a web proxy features a form where you submit the URL of a site that you want to view. The proxy then shows you the page, but prevents a direct connection between you and the requested web site. Proxy servers act as intermediaries between you and the web site. You can set up your web browser to retrieve web pages via a proxy. If you use a proxy when you request a web page or network resource you are requesting that the proxy fetches it for you , it then relays the data to your computer.

Pros:

•  Easy to use
•  Some web browsers have integrated tools or add-ons for managing proxy use and lists of proxies.
•  Private web proxies can be customized to meet the specific needs of users and are less likely to be discovered and blocked by any filtering authorities. 
• There are a lot of proxies

Cons:

• Often allow only web traffic (HTTP)
• Many cannot use multimedia or be used with encryption
• Services that require authentication (such as Web-based e-mail) may not be fully functional through a proxy. 
• Web proxies, like other content, can be blocked or intercepted.
• Unencrypted communications with a proxy can be intercepted by network operators, so keyword filtering may still work. 
• The operators of a proxy can read their communications and record the IP address from which the proxy was used. (so be careful with passwords , credit cards etc)

You can find lists of web proxies on sites like http://www.proxy.org/ or just by searching for "free web proxy" in any search engine.
 Opera has a menu item for enabling proxies under the tools menu and Firefox has several add-ons available from the Mozilla website (FoxyProxy and SwitchProxy are two of them) Typically all that is required is that you add working proxies ,rom unfiltered locations, to a list contained within the browsers or addons settings page. Then you just enable the addon or proxy use.

If you are in a country with unrestricted Internet access and you are willing to help others get around censorship, you can install a web proxy script on your own web site or on your home computer, there are however risks that accompany running a proxy server.

Proxy Software and scripts:

• CGIProxy
• PHProxy
• Zelune
• Glype 
• Psiphon 
• Picidae 
• bblocked

 
Tor - The Onion Router

 Pros: 

• Tor's encryption hides the contents of your communications from your local network operator
• Conceals whom you are communicating with or what web sites you're viewing. 
• When used properly, it provides significantly stronger anonymity protection than a single proxy.Tor bridges, These are Tor nodes not publicly listed, specifically to avoid blocking.
• If installing a preconfigured package it can be very easy to set up
• There are portable packages available to place on your usb

  Cons:

• Some programs you might use with Tor have problems that can compromise anonymity. 
• Can be slow 
• Tor is vulnerable to blocking. 
• Most Tor nodes are listed in a public directory so it is easy for network operators to access the list and add the IP addresses of nodes to a filter
• Tor is sometimes used by spammers and other internet villains as a result some websites block access to users that arrive from Tor exit nodes. – (Sadly in the interests of honesty I should disclose that NotAsCoolAsItSeems does block some of these nodes. It was not a decision taken lightly. There is only one admin for the site and blocking those nodes reduced spam and other malicious activity by about 50 - 60 %. Sorry. This site is a hobby not a full time job.)

 Using Tor to access a web site, your communications are randomly routed through a network of independent, volunteer proxies. All the traffic between Tor servers is encrypted, and each of the relays knows only the IP address of two other relays - the one immediately previous to it and the one immediately after it in the data transfere request chain.
To connect to the Internet through the Tor network and use it for anonymity or circumvention, you need to install the Tor client software on your computer.

You can get it here. Read the warnings carefully.There is also a thumbdrive/portable version available.

Tor has support for many applications that support SOCKS

• most Web browsers
• many instant messaging and IRC clients
• SSH clients 
• e-mail clients

If you think Tor is being blocked by your isp or network you can attempt to enable bridges. To use a bridge you need to locate one and add its information in your network settings. Send an e-mail from a Gmail account to bridges@torproject.org with the line "get bridges" by itself in the body of the mail.

VPN (virtual private network) and Tunnelling

These are techniques that allow you to encrypt the data connections between yourself and another computer. This computer might belong to your organization, a trusted contact or a commercial VPN service. Tunneling encapsulates a specific stream of data within an encrypted protocol, making everything that travels through the tunnel unreadable to anyone along the way. VPNs are very commonly used by corporations to allow employees who need access to sensitive financial or other information to access the companies' computer systems from home or other remote locations over the Internet. 

Pros:

•  A network operator should not be able to view the communications sent over the VPN unless the VPN is set up incorrectly.
•  Many international companies use VPN technology, it is not very likely to be blocked.

Cons:

• Commercial tunneling services and commercial VPNs are publicly known and may already be filtered.
• Cannot normally be used by users in public access locations where users cannot install software, such as Internet cafés or libraries.
• A network operator can detect that a VPN is being used and determine who the VPN provider is.
• May require a higher level of technical expertise than other circumvention methods. 

Using a VPN or other kinds of tunnels to encrypt your information can be a good way of ensuring it is not seen by anyone but yourself and people you trust. It has the additional effect of making all your different kinds of traffic look similar to an eavesdropper or to a system that is trying to block your traffic. Since many international companies use VPN technology, it is not very likely to be blocked. These techniques create a tunnel from your computer to another computer somewhere on the Internet. Your data can travel through this tunnel and then continue to a final destination on the Web. The integrity and privacy of the traffic inside the tunnel are protected by encryption.
 There are commercial VPN services set up specifically for web browsing but you can also use free software to create VPN between two or more computers for the purposes of exchanging files, information. Or even just playing on-line games.

Some examples of VPN , mediated VPN and VPN like software are listed below, each has its strengths and is targeted at different user needs and experience levels.
 

• OpenVPN 
• Hamachi there is a free “lite” version (a lot of gamers know this one)
• Wippien similar to hamachi but open source
• Social VPN  peer-to-peer network connectivity between a user and his or her friends 
• UltraVNC  remote desktop software can help get files outside of a network.
• TightVNC remote desktop software can help get files outside of a network

In the past people have said that you only realize how important freedom is once it is gone. Lets not let it get to that point.

For further reading and tools please see the links below in the info box. The article in text format is also supplied as an attachment. Any additions comments and updates are welcome. You can leave them in the comments or send them via our contact form.

Use the following link to search for relevant reviews or faults associated with the Wireless Broadband Router. The results are provided by our custom Google search, which attempts to return more meaningful data for individuals researching hardware or electronics products prior to purchase.
(results are displayed within this site.)

Follow these links to find out the product features or to compare prices.

Attachment	Date	Size
Circumvention.zip	16/12/09 1:59 am	5.72 KB