shayad inam filter shoode./.. ghoftam bashe shayad kasi khast azash estefade kone
--------------------------------------------------------------------------------
HOWTO bypass Internet Censorship
Freerk Ohling <[email protected]>, last updated 2003-07-03
--------------------------------------------------------------------------------
1. Introduction
1.1 About Internet censorship
1.2 Why am I writing this?
1.3 How to get this file
2. Possible weaknesses
3. Different kinds of censorship
3.1 Blocked URL's via the DNS-server
3.2 Forced proxy server / transparent proxy
3.3 Keyword filter
3.4 Blocked ports
3.5 Software on the client (child protection e.t.c)
3.5.1 NetNanny
3.5.2 CyberSitter
3.5.3 AOL Parental Control
3.5.4 CyberPatrol
3.5.5. SurfWatch / SurfControl
3.6 Censorware on the server (inside of networks)
3.6.1 Bess/N2H2
3.6.2 DansGuardian
3.6.3 WebSense
3.6.4 WebWasher
3.6.5 SmartFilter
3.6.6 squidGuard
3.7 Whitelist
3.8 IP blocking on the routers
4. Different ways to bypass censorship
4.1 Using a different ISP
4.2 Using a not censoring DNS-server
4.3 Using a non censoring proxy server
4.3.1 Standard proxy
4.3.2 Uncommon port proxy
4.3.3 Socks proxy
4.3.4 Set up an own proxy server
4.3.5 Special proxy / tunnel tools
4.3.5.1 JAP
4.3.5.2 Httport
4.3.5.3 Localproxy
4.3.5.4 HttpTunnel
4.3.6 Wingates
4.4 Using a shell
4.5 Using a webproxy
4.5.1 Standard webproxies
4.5.2 Webproxies with encrypted URL's
4.5.3 Webproxies over a secure SSL-connection
4.5.4 Translators, warpers, e.t.c that can be used as a proxy
4.6 Get Webpages via eMail
4.7 Using steganography
4.8 Using a special proxy like peer-2-peer program
4.8.1 Peek a Booty
4.8.2 Freenet
4.8.3 MojoNation
4.8.4 TriangleBoy
4.8.5 Six/Four
4.8.6 Freenet China
4.8.7 Entropy
4.9 Special Services
4.9.1 Usenet
4.9.2 Games
4.9.3 FTP
4.9.4 Instant Messenger
4.9.4.1 ICQ
4.9.4.2 MSN Messenger
4.9.4.3 AIM
4.9.4.4 Yahoo Messenger
4.9.5 Filesharing Programs
5. Howto publish information
6. Appendix
6.1 Links
6.1.1 Other bypass tutorials
6.1.2 Other sites about censorship
6.1.3 Where to get proxies
--------------------------------------------------------------------------------
back to top
1. Introduction
1.1 About Internet censorship
In the last 10 years the Internet grew very, very fast. It is a bunch of thousands of little networks put together. Billion computers are connected and it is basically not controlled or even owned by a government or company. There are no laws, everybody can put his webpages online which can be accessed by everybody on the world who is sitting in front of a computer with Internet access. I belive that this can and will change the world as we know it today.
But there are several governments who think that this unlimited access to information is dangerous for their citizens. These are for example China, Saudi Arabia, Australia, Bahrain, Cuba, Jordan, Tunisia, Burma, Singapore, Uzbekistan, Yemen, Kuwait, Vietnam, Syria, Iran, United Arab Emirates and parts of Africa and Germany. This ranks from a very easy to circumvent DNS blocking of only 2 nazi sites in parts of Germany to a government office with 30.000 employees only working in blocking thousands of websites, services and ports in China.
Though the blocking methods are different there are also different ways to bypass them. I will try to show you how to access the website of Amnesty International, BBC, Google and other blocked sites in your country. I made this website in very basic HTML, so that you can even view it with a very old computer. Please share this information, link the site, copy it, mirror it, print it (I didn't "hide" any links, so that no link is lost when you print it) and teach your friends and relatives!
1.2 Why am I writing this?
Well, I'm living in Germany, which is not very famous for it's censoring. But the local government from one of the 16 German states (NRW) tries to introduce censorship by blocking 2 US nazi sites. Sure, I really don't like those guys but in my opinion no government or even a system administrator got the right to choose which information a individual have access to. What websites are next? Who chooses which websites will be blocked? Additionally, my school blocks some websites and so I became interesting in this topic.
1.3 How to get this file
As you are reading this you actually found this file somewhere. The most updated version you can get here:
European mirror: http://www.zensur.freerk.com/ - (Lambdanet - Erfurt, Germany)
American mirror: http://nocensor.opennetinitiative.net/ - (University of Toronto, ON, Canada)
Asian/Pacific mirror: http://tokyo.cool.ne.jp/cship/ (Infoseek - Tokyo, Japan)
SSL mirror: https://secure.sslpowered.com/bpass/ (Netfirms, Toronto, ON, Canada)
Dynamic IP mirror: http://maybe-yours.dyndns.org/ (please email me)
eMail autoresponder: [email protected] (just send an empty email, you will automatically get this text as plain HTML in return.)
--------------------------------------------------------------------------------
back to top
2. Possible weaknesses
You have to choose to bypass the Internet censorship or not. I only show you how to do it, I can't take any responsibility. In several censor countries you will go to jail if they catch you, in a lot of companies you will get fired and some schools will ban you.
Of course the censors not only block internet traffic, they are also looking at it (in countries/companies with a little Internet population) and try to find out who is bypassing their firewall how. An easy way to find out who (and how) is bypassing the firewall is by just looking for some identicators in the logfiles:
Right after the Internet connection is established the user is connecting to only one server and remains connected to it all the time he's online.
What a user do right after he gets an "access denied" message from his censor. (open a special website, go to a chatroom, connect to a special server...)
Try to avoid getting cought this way!
More infos: http://www.peacefire.org/circumvento...eaknesses.html
http://peek-a-booty.org/pbhtml/downl...Lopwistcic.htm
--------------------------------------------------------------------------------
back to top
3. Different kinds of censorship
There are many different solutions to censor Internet traffic. Sometimes there are 2 or more combined. Please write me to [email protected] which blocking methods are used in your country, which ISP are you using and the ways that work for you to bypass it, it would be very useful for other users!
3.1 Blocked URL's via the DNS-server
This is used for example from some German providers. It is a very cheap and easy censoring method and the same is true for bypassing it. First, I will explain what the Domain Name System is: Every computer on the Internet has an unique adress, a little bit like a telephone number. These are 4 numbers from 0 to 255 seperated with a dot. For example: 62.141.48.209 is the IP adress for www.freerk.com. Because of remembering such a number is very difficult, the DNS was invented. This service maps an URL to it's IP adress. If you type www.freerk.com into your browser, the request is send to the DNS-server that was automatically given to you by your ISP on dialing into the Internet. A lot of addresses are already cached, so the DNS-server sends the IP adress for the URL back to you. If the DNS-server has no cached information on the site requested by you, he asks on of the 13 root servers, which know all addresses. If the DNS-server from your provider is censoring, he just refuse to send you the real IP-adress. He sends you nothing or an IP from a "sorry" website.
3.2 Forced proxy server / transparent proxy
You have to specify a proxy server in your 'Internet Explorer' settings in order to get a connection to the Internet. Sometimes, the ISP is using a transparent proxy. With these you can't see easily if there is a proxy or not. Every request you send to or receive from the Internet is checked at this server and redirected to you (well, or not...).
3.3 Keyword filter
This means that all Internet traffic goes through the servers of the censor, who is scanning the content for 'bad words'. This dynamic filtering is true for most filters in schools, libraries and companies. If the site contains bad words it is blocked. The person who is offering the blocked information could prevent the censoring by "hide" the content inside of images. For the user there is almost no difference, but it is difficult for a computer program to "read" the text inside an image. Also SSL encrypted traffic (a URL starting with https://...) can't be scanned easily. You can test which keywords are blocked on your connection on http://www.zensur.freerk.com/kword/ there you can enter the keyword(s) you want to test an click on "send" when you get the message "You entered blablabla" in return everything is fine, but if you get an error message you know which words are blocked.
3.4 Blocked ports
Ports are like doors for a special service to a server or PC. They rank from 0 to 65535. The standard ports are from 0 to 1024, these are the well known ports. The official list you can get unter http://www.iana.org/assignments/port-numbers. If a censor blocks a port, every traffic on this port is dropped, so its useless for you. Most censors blocks the ports 80, 1080, 3128 and 8080, because these are the common proxy ports. Because all of the proxies on common ports are useless for you, you have to find proxies that are listening on an uncommon port. These are very difficult to find.
You can easily test which ports are blocked on your connection. Just open the DOS-prompt, type telnet login.icq.com 80 and hit enter. The number is the port you want to test. If you get some wired symbols in return everything is ok, if it says "timeout" or something similar, that port is blocked by your ISP. Here are the most important ports for us:
20+21 - FTP (file transfer)
22 - SSH (secure remote access)
23 - telnet (remote access) and also Wingates (special kind of proxies)
25 - SMTP (send email)
53 - DNS (resolves an URL to an IP)
80 - HTTP (normal web browsing) and also a proxy
110 - POP3 (receive email)
443 - SSL (secure HTTPS connections)
1080 - Socks proxy
3128 - Squid proxy
8000 - Junkbuster proxy
8080 - a proxy
3.5 Censorware on the client (child protection e.t.c)
Normally the censorship is implemented on servers from the ISP or government, but in some schools, private homes and some companies the blocking software is installed on every PC.
More info: http://www.peacefire.org/
http://www.cexx.org/censware.htm
http://www.epinions.com/cmsw-Kids-Topics-2
http://www.securiteam.com/securityre..._bypassed.html
3.5.1 NetNanny
More info: http://www.netnanny.com/index.html
http://peacefire.org/censorware/Net_Nanny/
3.5.2 CyberSitter
More info: http://www.cybersitter.com/
http://www.spectacle.org/alert/peace.html
http://www.peacefire.org/censorware/CYBERsitter/
3.5.3 AOL Parental Control
More info: http://www.aol.com/info/parentcontrol.html
3.5.4 CyberPatrol
More info: http://www.cyberpatrol.com/
http://www.peacefire.org/censorware/Cyber_Patrol/
3.5.5. SurfControl
More info: http://www.surfcontrol.com/
http://peacefire.org/censorware/SurfWatch/
3.6 Censorware on the server (inside of networks)
This are programs that are mostly installed on servers in schools, libraries, companies or countries with a little Internet population.
3.6.1 Bess/N2H2
Bess is a proxy filter that is often used in schools/universities and companies. It can easily bypassed with Webproxies.
More info: http://www.n2h2.com/products/bess_home.php
http://www.peacefire.org/censorware/BESS/
3.6.2 DansGuardian
It's a Open Source Webfilter. Free for non-commercial use and thus it is widhly spread in universities, schools and libraries. It works as a Proxy with URL and keyword filtering (and also with the PICS-Standard). It's often used on a IPCop machine, however, the author from DansGuardian doesn't like it.
More Info: http://dansguardian.org/
3.6.3 WebSense
More Info: http://www.websense.com/
http://www.peacefire.org/censorware/WebSENSE/
3.6.4 WebWasher
More Info: http://www.webwasher.com/
3.6.5 SmartFilter
More Info: http://www.securecomputing.com/index.cfm?skey=85
http://www.peacefire.org/censorware/SmartFilter/
3.6.6 squidGuard
More Info: http://www.squidguard.org/
3.6.7 new_new
3.7 Whitelist
Most Internet filters works with a blacklist, which means that access to all sites is allowed, except some special sites (well, sometimes there are a lot exceptions...). A whitelist works the other way around: Access to all sites is blocked, except some special ones. For a normal ISP it is almost impossible to offer, because the Internet is nearly worthless. The whitelist scheme is used by free Internet terminals that are sponsored by a company which allows users the free access to their e-commerce site. This filter scheme is the most difficult to circumvent.
Some time ago, there was a German ISP who had a completely free 0800-dial in number. Once you dialed in, you only could surf to amazon.de and about 10 more e-commerce sites. But you could also connect to the other customers of the ISP. So somebody with a flatrate connected to both his normal ISP and the 0800-free ISP and set up a proxy. So all the users of the free ISP could use that proxy to connect to other sites.
3.8 IP blocking on the routers
--------------------------------------------------------------------------------
back to top
4. Different ways to bypass censorship
Since you can't directly access a server that is blocked you have to send the request to a non blocked server which redirects the traffic to the real site you want to visit. There are different types of these "gatekeepers".
4.1 Using a different ISP
Well, it's as easy as it sounds: Just change your Internet Service Provider! For example only in 'Nordrhein-Westfalen' (a state of Germany) there is a censoring firewall, you can just subscribe to an ISP outside that state. But normally the censorship counts for all the country. One possibility is to try out an ISP outside the country. That costs a lot, but that way you do have a normal Internet access and don't have to worry about getting around filters. This could be a normal dialup provider in an neighbor country or better a 2-way Internet access via satellite like http://www.europeonline.com/ http://registrierung.tiscali.de/prod...0_satellit.php, http://www.gilat.de/, http://www.hns.com/, http://www.vsatnet.com/, http://www.starband.com/, http://www.wildblue.com/, http://www.skycasters.com/, http://www.directduo.com/, http://www.orbitsat.com/, http://www.ottawaonline.com/ and so on, just search with a search engine for '2-way internet via satellite [your country or neighborcountry]' or something like that.
4.2 Using a not censoring DNS-server
Normally, you automatically would use the DNS-server of your ISP to resolve domain names like www.freerk.com to 62.141.48.209. Internally, only these IP-addresses are used to send/receive data in the Internet. If your DNS-server is censoring, you simply can use another DNS-server. Under Windows, just right-click in your system panel on the 'network' icon and select properties of the TCP/IP-protocol. In Linux you have to edit the '/etc/resolv.conf' file. Use the server that is (virtual) your nearest. If you want to setup your own DNS-server use Bind (http://www.isc.org/products/BIND/). The list of the 13 official root servers is located here: ftp://ftp.rs.internic.net/domain/named.root for reduancy it would be good to ad the alternative root servers located in Europe from ORSN: ftp://ftp.orsn.org/orsn/orsn.hint.
Non censoring DNS-Servers:
dns2.de.net - 194.246.96.49 (Frankfurt, Germany)
sunic.sunet.se - 192.36.125.2 (Stockholm, Sweden)
master.ns.dns.be - 193.109.126.140 (Leuven, Belgium)
merapi.switch.ch - 130.59.211.10 (Zurich, Switzerland)
prades.cesca.es - 192.94.163.152 (Barcelona, Spain)
michael.vatican.va - 212.77.0.2 (Vatican City, Italy)
dns.inria.fr - 193.51.208.13 (Nice, France)
ns0.ja.net - 128.86.1.20 (London, UK)
nic.aix.gr - 195.130.89.210 (Athens, Greece)
ns.ati.tn - 193.95.66.10 (Tunis, Tunisia)
ns1.relcom.ru - 193.125.152.3 (Moscow, Russia)
trantor.umd.edu - 128.8.10.14 (College Park, MD, USA)
ns1.berkeley.edu - 128.32.136.9 (Berkeley, CA, USA)
merle.cira.ca - 64.26.149.98 (Ottawa, Canada)
ns2.dns.br - 200.19.119.99 (Sao Paulo, Brasil)
ns2.gisc.cl - 200.10.237.14 (Santiago, Chile)
ns.uvg.edu.gt - 168.234.68.2 (Guatemala, Guatemala)
ns1.retina.ar - 200.10.202.3 (Buenos Aires, Argentina)
ns.unam.mx - 132.248.253.1 (Mexico City, Mexico)
ns.wide.ad.jp - 203.178.136.63 (Osaka, Japan)
ns.twnic.net - 192.83.166.11 (Taipei, Taiwan)
ns3.dns.net.nz - 203.97.8.250 (Wellington, New Zealand)
box2.aunic.net - 203.202.150.20 (Melbourne, Australia)
It's also possible to act as a manual DNS server by yourself. Just use the ping or traceroute service on a non censoring machine to get the IP of your desired server. Then use the IP instead of the URL in your browser. You will always get an IP, but it won't work every time to access the website via the IP, because a lot of webhosters host up to 500 or more websites on one server with one IP. But it will work fine with bigger websites.
http://195.193.168.164/ - Rotterdam, Netherlands (JAVA VISUALROUTE)
http://www.vs1.ffs-server.de:8000/ - Darmstadt, Germany (JAVA VISUALROUTE)
http://202.85.153.198:8080/ - Hong Kong (JAVA VISUALROUTE)
https://www.velia.net/tools/traceroute.php - Hanau, Germany (HTTPS encrypted)
http://www.traceroute-gateways.com/ - About 1000 public ping/traceroute gateways sorted by country
http://www.traceroute.org/ - Another list with public ping/traceroute services sorted by country
4.3 Using a non censoring proxy server
You can put a proxy server between your Internet connection and the site you want to visit. You send your request for a special website to that proxy server, which request the page from the Internet and deliver it to you. Normally, those servers cache the requested pages, so that on the next request he can deliver the page directly from the cache. That would be faster and cheaper. We use those servers to bypass censorship. For the eyes/computers of our ISP/Government we are only connecting to the proxy, they can't easily see, that we are connecting to a "bad site". But sometimes the standard proxy ports (80, 1080, 3128 and 8080) are blocked. In that case you have to use the proxies that are listening on an uncommon port.
4.3.1 Standard proxy
Standard Proxies you can find everywhere on the net. Almost every provider offer a proxy for their customers. Here are a few, its in the widly spread "hostname:port" format. Theese proxies are mostly not anonymous!
www-proxy.t-online.de:80 (Bonn, Germany)
cair.res.in:80 (Bangalore, India)
esjv.com.hk:80 (Hong Kong)
mail.unisol.com.ar:80 (Argentina)
souththornlieps.wa.edu.au:3128 (Perth, Australia)
proxy.olimpo.com.br:8080 (Rio de Janeiro, Brasil)
203.77.236.3:8080 (Jakarta, Indonesia)
4.3.2 Uncommon port proxy
Due to the fact that several censors block the common proxy ports (80, 1080, 3128 and 8080) to prevent circumvention you have to use proxies that are listening on a uncommon port. For example 8000 for the Junkbuster proxy or 6588 for the AnalogX proxy. You get a weekly updated list of Proxies that are listening on a non standard port here: http://www.zensur.freerk.com/list.txt or via eMail autoresponder at [email protected].
4.3.3 Socks proxy
More info: http://www.ufasoft.com/socks/
http://proxylabs.netwu.com/proxycap/
4.3.4 Set up an own proxy server
More info: http://www.gcd.org/sengoku/stone/
http://www.junkbusters.com/ijb.html
http://www.boutell.com/rinetd/
4.3.5 Special proxy / tunnel tools
4.3.5.1 JAP
JAP is an free and open source anonymity tool invented by a German university. It sends your traffic encrypted through different mixes, so that absolutely nobody, not even the owner of on of the mixes know who is accessing which site. This is also on of the best tools to circumvent censorship. Just follow the instalation instructions on http://anon.inf.tu-dresden.de/index_en.html on installing the Java client (available for Windows, Unix, Linux, OS/2, Macintosh and others) The infoservice is listening on port 6543, the Dresden-ULD mix on port 26544, the Dresden-Dresden mix on port 6544 and the Dresden-Luebeck mix on port 9544.
4.3.5.2 Httport
http://www.htthost.com/
4.3.5.3 Localproxy
http://proxytools.sourceforge.net/
4.3.5.4 HttpTunnel
http://www.http-tunnel.com/
http://www.nocrew.org/software/httptunnel.html
4.3.6 Wingates
More info: http://www.deerfield.com/products/wingate/
--------------------------------------------------------------------------------
4.4 Using a shell
http://www.chiark.greenend.org.uk/~sgtatham/putty/
http://directory.google.com/Top/Comp...ell_Providers/
http://www.panix.com/shell.html
http://www.shellux.net/
4.5 Using a webproxy
Webproxies are CGI-******s that you call with your browser and open a different URL (Internetadress) with. So your firewall thinks you are only connecting to the server with the CGI-******. The addresses under 4.5.4 are not really meant as proxies. They act as translators, html-checkers or as a webarchive. You can use them as a kind of proxy anyway. These webproxies are a good thing for "quick 'n dirty" bypassing. You don't have to configure your browser or something, but it's kind of slow and won't work with all webpages. Only the proxies that are going over a secure connection can be used for phrase filtering, but the others a perfect for URL/IP filtering. Use them in your school, company or library when you have no privileges to install/change something on the machine. These links points to google.de because the site is very small, usefull, always on and does not contain the ".com" extension of DOS-Files that are filtered by some proxies. If you do have webspace with cgi abillity you can download the CGIProxy from James Marshall and install it on that webspace (there is a easy installer which does everything for you: http://install.xav.com/). To find new working proxies search for "nph-proxy.cgi", "nph-proxy.pl", "Start Using CGIProxy", "Start browsing through this CGI-based proxy" or something like that with Google, Altavista, Yahoo or another search engine.
4.5.1 Standard webproxies (mostly CGIProxies: http://www.jmarshall.com/tools/cgiproxy/)
http://anon.free.anonymizer.com/http://www.google.de/
http://invis.free.anonymizer.com/http://www.google.de/
http://anonymouse.ws/cgi-bin/anon-ww...www.google.de/ (Advertisement)
http://www.sendfakemail.com/anonbrowser/ (Without images)
http://203.26.19.30/proxy/proxy.pl/0...www.google.de/ (Whitout images)
http://ground0.hypermart.net/nph-cyb...www.google.de/
http://www.mdsme.de/cgi-bin/nph-spin...www.google.de/
http://www.dumpfbacke.de/cgi-bin/mds...www.google.de/
http://www.pureprivacy.com/ (Advertisement)
http://www.marzie.com/webtools/proxy...www.google.de/ (Advertisment)
http://www.mckendree.edu/******s/nph...www.google.de/
http://pasty.hypermart.net/cgi-bin/n...www.google.de/
http://203.26.19.30/proxy/nph-proxy....www.google.de/
http://www.tku.ac.jp/~99e1330/cgi-bi...www.google.de/
http://www.delorie.com/web/purify.cg...Fwww.google.de (Advertisment)
http://proxy.drkangel.com/nph-index....www.google.de/
http://www.perseus.tufts.edu/cgi-bin...www.google.de/
http://www.anonymization.net/1/1/A/h...www.google.de/
http://brianwiese.net/cgi-bin/nph-pr...www.google.de/
http://www.wgbh.org:81/cgi-bin/nph-a...www.google.de/
http://www.vbdesign.net/cgi-bin/nph-...www.google.de/
http://www.jetropolis.com/cgi-bin/np...www.google.de/
http://digitalizedzone.com/cgiproxy/...www.google.de/
http://www.rocketstable.com/nph-prox...www.google.de/
http://unfeomateo.com/cgiproxy/nph-p...www.google.de/
http://www.morgurch.com/nph-proxy.cg...www.google.de/
http://www.joelkimble.com/cgi-bin/np...www.google.de/
http://www.linuxdistributions.com/cg...www.google.de/
http://martignier.net/cgi-bin/nph-pr...www.google.de/
http://ym2400z.virtualave.net/cgi-bi...www.google.de/
http://glass.ipe.tsukuba.ac.jp/~s011...www.google.de/
http://ef-chat.hypermart.net/jiimbo-...www.google.de/
http://www.anonsurf.de/cgi-bin/nph-a...www.google.de/
http://www.spunge.org/~hyperwar/nph-...www.google.de/
http://www.valkaryn.net/proxy/nph-pr...www.google.de/
http://www.rahty.com/nph-proxy.cgi/0...www.google.de/
http://www.boyscorp.com/prx/nph-prox...www.google.de/
http://www.thinksquad.com/cgi-bin/np...www.google.de/
http://www.hostsite.org/proxy/nph-pr...www.google.de/
http://free2.surffreedom.com/nph-fre...www.google.de/
4.5.2 Webproxies with encrypted URL's
http://www.proxyone.com/cgi-bin/nph-...676c652e64652f (Without images)
http://proxy.guardster.com/cgi-bin/n...676c652e64652f
http://www.chronicpulse.net/anonymou...ZGU-:&v:njs=on (Advertisment, Without images)
http://proxify.com/nph-proxy.cgi/000...676c652e64652f (Advertisment)
http://www.team777.com/cgi-bin/ey3/n...676c652e64652f
4.5.3 Webproxies over a secure SSL-connection
a lot of ssl-webproxies can be found here: http://qingxin.mine.nu/ssl.asp
https://www.anonsurf.de/cgi-bin/nph-...www.google.de/
https://dtnet.getmyip.com/cgi-bin/np...yyy.iqqing.fg/ (encryption is letter +2 in the alphabet)
https://dweb.homeunix.org/cgi-bin/np...yyy.iqqing.fg/ (encryption is letter +2 in the alphabet)
https://dtw.ods.org/cgi-bin/nph-prox...www.google.de/
https://nav.ebutechnologies.com/secu...www.google.de/
https://ym2400z.virtualave.net/cgi-b...www.google.de/
https://vip.megaproxy.com/go/_mp_fra...www.google.de/ (Advertisment)
https://proxify.com/nph-proxy.cgi/00...676c652e64652f (Advertisment)
https://www.perseus.tufts.edu/cgi-bi...www.google.de/ (Without images)
https://www.eopledaily.com/dmirror/http/www.google.de/
https://nhuanet.com/cgi-bin/nph-prox...www.google.de/
https://dtaiwang.ftphost.net/cgi-bin...www.google.de/
https://www.eopledaily.com/cgi-bin/n...www.google.de/
https://nadaily.com/cgi-bin/nph-prox...www.google.de/
https://wan.myftp.biz/cgi-bin/index....nnn.kxxkdj.vj/
https://www.amduus.com/cgi-bin/nph-p...www.google.de/
https://ym2400z.virtualave.net/cgi-b...www.google.de/
https://ef-chat.hypermart.net/jiimbo...www.google.de/
4.5.4 Translators, warpers, e.t.c that can be used as a proxy
http://www.dejavu.org/ (Browser Emulator)
http://crit.org/http://www.google.de/
http://paranormal.about.com/gi/dynam...Fwww.google.de
http://bobby.cast.org/bobby/bobbySer.../www.google.de (Websitechecker)
http://www.vischeck.com/vischeck/vischeckURL.php (Websitechecker)
http://spireproject.com/cgi-bin/foot.../www.google.de (Footnote?)
http://cyber.law.harvard.edu/cite/an.../www.google.de (kind of a footnote)
http://webwarper.net/ww/~GZ/www.google.de/?* (Warper)
http://babelfish.altavista.com/ (Translator)
http://www.freetranslation.com/web.htm (Translator)
http://translation.langenberg.com/ (Translator)
http://www.systransoft.com/ (Translator)
http://www.translate.ru/srvurl.asp?lang=de (Translator)
http://translator.abacho.de/ (Translator)
http://www.t-mail.com/cgi-bin/tsail (Translator)
http://www.google.com/language_tools?hl=de (Translator)
http://tarjim.ajeeb.com/ajeeb/default.asp?lang=1 (Translator)
http://www.sdlintl.com/enterprise-sy...translator.htm (Translator)
http://rinkworks.com/dialect/ (Fun-Translator)
http://www.brunching.com/drugslanger.html (Fun-Translator)
http://www.****olize.com/cgi-bin/***...&submit=submit (Fun-Translator)
http://unimut.fsk.uni-heidelberg.de/schwob.html (Fun-Translator
http://www.google.com/ .de/ .fr/ (the Google Cache)
http://web.archive.org/web/*/http://www.google.de (Archive of the Internet since 1996)
http://www.marzie.com/webtools/proxybuster/ (get files)
http://alltooflat.com/geeky/elgoog/ (a Google fun mirror mirror)
http://www.guhgel.de/ (another Google fun mirror)
http://www.assoziations-blaster.de/www.something.de/
http://mirror.sytes.org/ (a fun mirror mirror *gg*)
http://proxy.citizenlab.org/google/ (a Google mirror)
http://google.icq.com/search/ (a Google mirror)
http://www.zensur.freerk.com/google/ (a mirror for the Google mirror...)
http://www.google-watch.org/cgi-bin/proxy.htm (another Google and Alltheweb mirror)
http://www.aigeek.com/txt2html/txt2h...Fwww.google.de (html2text)
http://gritechnologies.com/tools/dia...www.google.de/ (see as a search engine)
4.6 Get webpages via eMail
Several years ago when the Internet connections where slow and the "www" just invented, many people just got a to email restricted access to the Internet. That's the origen of the "Agora" and "www4email" software. Some of these email robots are still available and we can use them to bypass Internet censorship. The best thing would be to subscribe to a free email provider which allows SSL-connections (like https://www.fastmail.fm/, https://www.ziplip.com/, https://www.hushmail.com/, https://www.safe-mail.net/, https://www.mail2world.com/, https://webmail.co.za/, https://www.webmails.com/ e.t.c) and use that account with the email addresses below. I put the field where you have to input the URL in brackets. It still works great for text. But sure there are big problems with images or even DHTML, **********, Java, Flash e.t.c. Also other services besides www are possible, for a very good tutorial on this see ftp://rtfm.mit.edu/pub/usenet/news.a...cess-via-email. There is also a web based sar.com/google/
More info: http://www.cix.co.uk/~net-services/mrcool/
4.7 Using steganography
4.8 Using a special proxy like peer-2-peer program
There are different projects of peer-2-peer programs to bypass censorship. They work like Napster, Kazaa and eDonkey, which means that you have to download a little tool that contains a server and a client part.
4.8.1 Peek a Booty
More info: http://www.peek-a-booty.org/
4.8.2 Freenet
Freenet is the oldest and most widly spread P2P-program to beat censorship, so a lot of people use it and its actually working since several years quite well. There is no access to the Internet possible through the Freenet client. You can only view/download stuff from the 'free net'. You install the client as a local proxy which is listening on port 8888 and can access links like ' http://localhost:8888/SSK@fjfkHAbxdwMyTMFgtZjcP2ge-AYPAgM/sites/fwhh/index.html' It looks like a kind of normal URL. The 'localhost:8888' addresses the proxy server on port 8888 that is running on your local machine the rest is something like an encrypted filename. It is not possible to determine who put some information into the network or who is downloading it.
More info: http://freenetproject.org/
http://www.freenet-china.org/
4.8.3 MojoNation
More info: http://www.mojonation.net/
4.8.4 TriangleBoy
More info: http://www.safeweb.com/tboy_service.html
4.8.5 Six/Four
More info: http://www.hacktivismo.com/
4.8.6 Entropy
More info: http://entropy.stop1984.com/
4.9 Special Services
4.9.1 Usenet
The normal port for newsservers 119 is usually blocked, so you have to access the usenet via a different port. If you only sometimes want to read some very common newsgroups you can easily visit them via free web-based newsservers like http://groups.google.com/ or http://news.spaceports.com/. A lot of newsserver companies offer their services on a non standard port. Just ask them before signup. If you need access to a newsserver with your newsclient you have to subscribe to one of these newsserver-companies which allow access to their newsservers on an uncommon port:
http://www.giganews.com/ - (ports 23 and 80 are working)
http://www.easynews.com/ - (use their web-based newsserver or try the 'proxy.news.easynews.com' with port 21, 22, 23, 25, 53, 80, 110, 443 or 8080)
http://www.newscene.com/ - (try the 'proxy.newscene.com' with the ports 20, 21, 22, 23, 25, 53, 80, 81, 110, 443 or 8080)
http://www.supernews.com/ - (you can access their newsservers via any port you like)
Note: all traffic is unencrypted, so you can access these newsservers, but the censors can easily monitor all your traffic! It would be more secure to use a SSH port forwarding.
thanks to 'sshproxy' from the nocensodigo.org/features/express.html>http://odigo.org/features/express.html (the odigo client online, works well) http://messenger.lycos.co.uk/messenger/index.jsp (lycos messenger, works with msn and yahoo)
4.9.4.3 AIM
login.oscar.aol.com:5190 Accepts connections on all ports. There are 2 official web clients: The old QuickBuddy: http://toc.oscar.aol.com/ and the newer AIM Express: http://toc.oscar.aol.com/aimexpress/index.html
4.9.4.6 Yahoo Messenger
cs.yahoo.com:5050 or cs.yahoo.co.jp:5050 Can be accessed online via: http://messenger.yahoo.com/
4.9.5 Filesharing Programs
Gnutella (decentralized) - BearShare, Gnucleus, LimeWire, new Morpheus
FastTrack (commercial, with Server) - KaZaA, KaZaA Lite, Grokster, old Morpheus
eDonkey2000 (lots of servers, uses mainly port 4662) - eDonkey2000, Overnet, eMule
OpenNap (lots of servers) - FileNavigatior, WinMX, Rapigator, TekNap, audioGnome, XNap
--------------------------------------------------------------------------------
back to top
es the proxy server on port 8888 that is running on your local machine the rest is something like an encrypted filename. It is not possible to determine who put some information into the network or who is downloading it.
More info: http://freenetproject.org/
http://www.freenet-china.org/
4.8.3 MojoNation
More info: http://www.mojonation.net/
4.8.4 TriangleBoy
More info: http://www.safeweb.com/tboy_service.html
4.8.5 Six/Four
More info: http://www.hacktivismo.com/
4.8.6 Entropy
More info: http://entropy.stop1984.com/
4.9 Special Services
4.9.1 Usenet
The normal port for newsservers 119 is usually blocked, so you have to access the usenet via a different port. If you only sometimes want to read some very common newsgroups you can easily visit them via free web-based newsservers like http://groups.google.com/ or http://news.spaceports.com/. A lot of newsserver companies offer their services on a non standard port. Just ask them before signup. If you need access to a newsserver with your newsclient you have to subscribe to one of these newsserver-companies which allow access to their newsservers on an uncommon port:
http://www.giganews.com/ - (ports 23 and 80 are working)
http://www.easynews.com/ - (use their web-based newsserver or try the 'proxy.news.easynews.com' with port 21, 22, 23, 25, 53, 80, 110, 443 or 8080)
http://www.newscene.com/ - (try the 'proxy.newscene.com' with the ports 20, 21, 22, 23, 25, 53, 80, 81, 110, 443 or 8080)
http://www.supernews.com/ - (you can access their newsservers via any port you like)
Note: all traffic is unencrypted, so you can access these newsservers, but the censors can easily monitor all your traffic! It would be more secure to use a SSH port forwarding.
thanks to 'sshproxy' from the nocensorship mailinglist
4.9.2 Games
4.9.3 FTP
http://inebria.com/phpftp/
http://www.angehrn.com/index.php?cat=28
http://www2ftp.de/
http://webftp.host.sk/
4.9.4 Instant Messenger
Instant Messenger are very popular. You have to register your nickname at one of the companies and download their software. Then when you are in the Internet you can start the software and log onto their servers. Since then you are marked as "online" and all your friends who know your nickname and get the same Instant Messenger can see that you are online and easily chat with you. Every of the 4 big players has its own software client which contains advertisments, spyware and is not compatible with other IM protocols. I recomment you to download Miranda, which is a open source Instant Messenger which is very small, without ads or spyware and working without installation. It works great with every IM protocol, even at the same time. http://miranda-im.org/
4.9.4.1 ICQ
ICQ is the oldest and most used Instant Messenger. There are many different clients out there. They normally all connect to login.icq.com:5190 via TCP in both directions. But the server accepts connections on all ports. The Java version can be started here: http://go.icq.com/. With this, you will normaly connect to iht-d01.icq.com (205.188.213.0) on the normal http port 80. At "Settings" you can also choose a different port.
4.9.4.2 MSN Messenger
messenger.hotmail.com:1863 - Since there isn't an official web-based client out there you have to try the services from different companies. You give them your password, so you have to trust them! And ask Microsoft to introduce a web-based client here: http://messenger.msn.com/support/contactus.asp?client=1 http://www.mister-i.com/i-mode/messenger.jsp (i-mode, after 3 days it costs $) or http://kickme.to/msnmessenger2go (he's still working on it) http://www.messengeradictos.com/inde...essengeronline (spanish with activex) http://odigo.org/features/express.html (the odigo client online, works well) http://messenger.lycos.co.uk/messenger/index.jsp (lycos messenger, works with msn and yahoo)
4.9.4.3 AIM
login.oscar.aol.com:5190 Accepts connections on all ports. There are 2 official web clients: The old QuickBuddy: http://toc.oscar.aol.com/ and the newer AIM Express: http://toc.oscar.aol.com/aimexpress/index.html
4.9.4.6 Yahoo Messenger
cs.yahoo.com:5050 or cs.yahoo.co.jp:5050 Can be accessed online via: http://messenger.yahoo.com/
4.9.5 Filesharing Programs
Gnutella (decentralized) - BearShare, Gnucleus, LimeWire, new Morpheus
FastTrack (commercial, with Server) - KaZaA, KaZaA Lite, Grokster, old Morpheus
eDonkey2000 (lots of servers, uses mainly port 4662) - eDonkey2000, Overnet, eMule
OpenNap (lots of servers) - FileNavigatior, WinMX, Rapigator, TekNap, audioGnome, XNap
--------------------------------------------------------------------------------
back to top
5. Howto publish information
The one think is to access information that is already censored, but the other challenge is to publish own information that can't easily be censored. Here you can se my ideas on how to avoid censorship:
Publish with a lot of mirrors. Especially dynamic IP's with a dyndns.org redirector are useful. Put your pages on so much different servers that the censors can't get along with blocking al the servers.
Use one-time-addresses. These are links/URL's that are only valid for 1 visit or 1 hour, they are often used for payed downloads.
Hide the 'dangerous' content. For example save text as images. The users won't notice it, but its difficult for the censor-spiders to 'read' the content.
Host on a secure server in another country. For example with http://www.havenco.com/ which is located at Sealand, an independent country on a little island in the north sea near England.
Encrypt the content. Use .htaccess and/or SSL for your website and AES, Twofish or Rijndael for files.
Offer your data in P2P-Programs. Filesharing programs like Kazaa or eDonkey are very difficult to censor (see the problems of the music companies...)
Send content via eMail. Create a autoresponder from which everybody with a hotmail account can receive your content from.
Martus. It's a encrypted bulletin service to post and view informations. See: http://www.martus.org/
More info: http://www.wired.com/news/technology...2,5778,00.html
--------------------------------------------------------------------------------
back to top
6. Appendix
6.1 Links
6.1.1 Other bypass tutorials
http://galileo.spaceports.com/~simeo...p-evasion.html
http://www.angelfire.com/my/6waynes/
http://www.ijs.co.nz/proxies.htm
http://sethf.com/anticensorware/
6.1.2 Other sites about Internet censorship
http://cyber.law.harvard.edu/filtering/
http://www.opennetinitiative.net/oni/ice/
http://peacefire.org/circumventor/
http://www.free-market.net/directorybytopic/censorship/
http://www.stop1984.info/
http://www.cmis.csiro.au/projects+sectors/blocking.pdf
http://www.topology.org/net/censor.html
Mailinglist: http://lists.efa.org.au/mailman/list...top-censorship - (Discussions about censorship in Australia, english)
Mailinglist: http://www.freelists.org/webpage/nocensorship - (How to beat censorship and proxies. Very good!)
http://www.vicnet.net.au/community/issues/censorship/
http://ch.dmoz.org/Society/Issues/Hu...et_Censorship/
http://ch.dmoz.org/Computers/Softwar...round_Filters/
http://ch.dmoz.org/Computers/Softwar...ng/Censorware/
http://ch.dmoz.org/Computers/Softwar...nts/Filtering/
http://ch.dmoz.org/Reference/Librari...ring_Software/
6.1.3 Where to get proxies
http://tools.rosinstrument.com/proxy/
http://www.samair.ru/proxy/
http://www.atomintersoft.com/product...xy/proxy-list/
http://www.steganos.com/software/anonproxylist.sia
http://www.zensur.freerk.com/list.txt
Via autoresponder from [email protected]
http://www.proxyblind.org/phpBB2/ (Very good!)
http://www.samair.ru/f/ (Very good!)
http://www.freeproxy.ru/download/lists/goodproxy.txt
--------------------------------------------------------------------------------
back to top
TO-DO-LIST:
Voice-over-IP
Bildung von Untergrund-(Inter)Netzen in Deutschland (GAMEnet etc.)
dIRC (ChaosComputerCongress 1997) und Abwandlungen
http://www.guardianet.net/
http://www.w3.org/PICS/
http://www.peacefire.org/bypass/Proxy/akamai.html
web-2-phone: http://www.teletrust.info/, http://www.ecommercetimes.com/perl/story/3380.html
ssh as a redirection server
rinetd as a redirection server
junkbuster
http-gw
VPNs
stone as both a redirector and a proxy
running a Perl proxy
often used non standard ports: 20, 21, 22, 23, 24, 25, 81, 82, 83, 84, 443, 1128, 2000, 5000, 6000,
6588, 7070, 8000, 8001, 8002, 8003, 8040, 8081, 8082, 8084, 8090, 8888, 8965, 9080, 9081, 10080, 22788
http://www.arbornet.org/projects.html
telnet m-net.arbornet.org
http://www.cyberspace.org/
telnet cyberspace.org
http://www.ductape.net/
telnet ductape.net
http://sdf.lonestar.org/
telnet sdf.lonestar.org
http://www.nyx.net/
telnet nyx.nyx.net
http://www.suburbia.com.au/
telnet suburbia.com.au (SSH)
telnet suburbia.com.au 2323 (telnet)
http://www.saunalahti.fi/~aekman/taboom/free_shell.html
http://www.freebelt.com/freeshells.html
http://www.geocities.com/SiliconVall.../freeuspl.html
http://www.leftfoot.com/free-shell.html
faxabruf
web.de anrufbeantworter 0049-1212-552489659
softhome.net: free email with smtp server mail.softhome.net:2500 and mail.softhome.net:25000
url hiding mit ascii, hex, oktal u.s.w codes.
-----------------------
"Ihre Meinung ist mir zwar widerlich, aber ich werde mich dafür totschlagen lassen, daß sie sie sagen dürfen." [Voltaire]
"Freiheit ist immer auch die Freiheit des Andersdenkenden." [Rosa Luxemburg]
"Wer die Freiheit aufgibt, um Sicherheit zu gewinnen, wird am Ende beides verlieren." [Benjamin Franklin]
"Der Zensor ist ein Beamter, der Dinge empfiehlt, indem er sie verbietet". [Frank Wedekind]
"Krieg bedeutet Frieden, Freiheit ist Sklaverei, Unwissenheit ist Stärke." [George Orwell]
"Die Freiheit nutzt sich ab wenn man sie nicht nutzt." [Reinhard Mey, Gefesselte Ente]
--------------------------------------------------------------------------------
- Artículos varios - - Libertades Civiles -
--------------------------------------------------------------------------------
HOWTO bypass Internet Censorship
Freerk Ohling <[email protected]>, last updated 2003-07-03
--------------------------------------------------------------------------------
1. Introduction
1.1 About Internet censorship
1.2 Why am I writing this?
1.3 How to get this file
2. Possible weaknesses
3. Different kinds of censorship
3.1 Blocked URL's via the DNS-server
3.2 Forced proxy server / transparent proxy
3.3 Keyword filter
3.4 Blocked ports
3.5 Software on the client (child protection e.t.c)
3.5.1 NetNanny
3.5.2 CyberSitter
3.5.3 AOL Parental Control
3.5.4 CyberPatrol
3.5.5. SurfWatch / SurfControl
3.6 Censorware on the server (inside of networks)
3.6.1 Bess/N2H2
3.6.2 DansGuardian
3.6.3 WebSense
3.6.4 WebWasher
3.6.5 SmartFilter
3.6.6 squidGuard
3.7 Whitelist
3.8 IP blocking on the routers
4. Different ways to bypass censorship
4.1 Using a different ISP
4.2 Using a not censoring DNS-server
4.3 Using a non censoring proxy server
4.3.1 Standard proxy
4.3.2 Uncommon port proxy
4.3.3 Socks proxy
4.3.4 Set up an own proxy server
4.3.5 Special proxy / tunnel tools
4.3.5.1 JAP
4.3.5.2 Httport
4.3.5.3 Localproxy
4.3.5.4 HttpTunnel
4.3.6 Wingates
4.4 Using a shell
4.5 Using a webproxy
4.5.1 Standard webproxies
4.5.2 Webproxies with encrypted URL's
4.5.3 Webproxies over a secure SSL-connection
4.5.4 Translators, warpers, e.t.c that can be used as a proxy
4.6 Get Webpages via eMail
4.7 Using steganography
4.8 Using a special proxy like peer-2-peer program
4.8.1 Peek a Booty
4.8.2 Freenet
4.8.3 MojoNation
4.8.4 TriangleBoy
4.8.5 Six/Four
4.8.6 Freenet China
4.8.7 Entropy
4.9 Special Services
4.9.1 Usenet
4.9.2 Games
4.9.3 FTP
4.9.4 Instant Messenger
4.9.4.1 ICQ
4.9.4.2 MSN Messenger
4.9.4.3 AIM
4.9.4.4 Yahoo Messenger
4.9.5 Filesharing Programs
5. Howto publish information
6. Appendix
6.1 Links
6.1.1 Other bypass tutorials
6.1.2 Other sites about censorship
6.1.3 Where to get proxies
--------------------------------------------------------------------------------
back to top
1. Introduction
1.1 About Internet censorship
In the last 10 years the Internet grew very, very fast. It is a bunch of thousands of little networks put together. Billion computers are connected and it is basically not controlled or even owned by a government or company. There are no laws, everybody can put his webpages online which can be accessed by everybody on the world who is sitting in front of a computer with Internet access. I belive that this can and will change the world as we know it today.
But there are several governments who think that this unlimited access to information is dangerous for their citizens. These are for example China, Saudi Arabia, Australia, Bahrain, Cuba, Jordan, Tunisia, Burma, Singapore, Uzbekistan, Yemen, Kuwait, Vietnam, Syria, Iran, United Arab Emirates and parts of Africa and Germany. This ranks from a very easy to circumvent DNS blocking of only 2 nazi sites in parts of Germany to a government office with 30.000 employees only working in blocking thousands of websites, services and ports in China.
Though the blocking methods are different there are also different ways to bypass them. I will try to show you how to access the website of Amnesty International, BBC, Google and other blocked sites in your country. I made this website in very basic HTML, so that you can even view it with a very old computer. Please share this information, link the site, copy it, mirror it, print it (I didn't "hide" any links, so that no link is lost when you print it) and teach your friends and relatives!
1.2 Why am I writing this?
Well, I'm living in Germany, which is not very famous for it's censoring. But the local government from one of the 16 German states (NRW) tries to introduce censorship by blocking 2 US nazi sites. Sure, I really don't like those guys but in my opinion no government or even a system administrator got the right to choose which information a individual have access to. What websites are next? Who chooses which websites will be blocked? Additionally, my school blocks some websites and so I became interesting in this topic.
1.3 How to get this file
As you are reading this you actually found this file somewhere. The most updated version you can get here:
European mirror: http://www.zensur.freerk.com/ - (Lambdanet - Erfurt, Germany)
American mirror: http://nocensor.opennetinitiative.net/ - (University of Toronto, ON, Canada)
Asian/Pacific mirror: http://tokyo.cool.ne.jp/cship/ (Infoseek - Tokyo, Japan)
SSL mirror: https://secure.sslpowered.com/bpass/ (Netfirms, Toronto, ON, Canada)
Dynamic IP mirror: http://maybe-yours.dyndns.org/ (please email me)
eMail autoresponder: [email protected] (just send an empty email, you will automatically get this text as plain HTML in return.)
--------------------------------------------------------------------------------
back to top
2. Possible weaknesses
You have to choose to bypass the Internet censorship or not. I only show you how to do it, I can't take any responsibility. In several censor countries you will go to jail if they catch you, in a lot of companies you will get fired and some schools will ban you.
Of course the censors not only block internet traffic, they are also looking at it (in countries/companies with a little Internet population) and try to find out who is bypassing their firewall how. An easy way to find out who (and how) is bypassing the firewall is by just looking for some identicators in the logfiles:
Right after the Internet connection is established the user is connecting to only one server and remains connected to it all the time he's online.
What a user do right after he gets an "access denied" message from his censor. (open a special website, go to a chatroom, connect to a special server...)
Try to avoid getting cought this way!
More infos: http://www.peacefire.org/circumvento...eaknesses.html
http://peek-a-booty.org/pbhtml/downl...Lopwistcic.htm
--------------------------------------------------------------------------------
back to top
3. Different kinds of censorship
There are many different solutions to censor Internet traffic. Sometimes there are 2 or more combined. Please write me to [email protected] which blocking methods are used in your country, which ISP are you using and the ways that work for you to bypass it, it would be very useful for other users!
3.1 Blocked URL's via the DNS-server
This is used for example from some German providers. It is a very cheap and easy censoring method and the same is true for bypassing it. First, I will explain what the Domain Name System is: Every computer on the Internet has an unique adress, a little bit like a telephone number. These are 4 numbers from 0 to 255 seperated with a dot. For example: 62.141.48.209 is the IP adress for www.freerk.com. Because of remembering such a number is very difficult, the DNS was invented. This service maps an URL to it's IP adress. If you type www.freerk.com into your browser, the request is send to the DNS-server that was automatically given to you by your ISP on dialing into the Internet. A lot of addresses are already cached, so the DNS-server sends the IP adress for the URL back to you. If the DNS-server has no cached information on the site requested by you, he asks on of the 13 root servers, which know all addresses. If the DNS-server from your provider is censoring, he just refuse to send you the real IP-adress. He sends you nothing or an IP from a "sorry" website.
3.2 Forced proxy server / transparent proxy
You have to specify a proxy server in your 'Internet Explorer' settings in order to get a connection to the Internet. Sometimes, the ISP is using a transparent proxy. With these you can't see easily if there is a proxy or not. Every request you send to or receive from the Internet is checked at this server and redirected to you (well, or not...).
3.3 Keyword filter
This means that all Internet traffic goes through the servers of the censor, who is scanning the content for 'bad words'. This dynamic filtering is true for most filters in schools, libraries and companies. If the site contains bad words it is blocked. The person who is offering the blocked information could prevent the censoring by "hide" the content inside of images. For the user there is almost no difference, but it is difficult for a computer program to "read" the text inside an image. Also SSL encrypted traffic (a URL starting with https://...) can't be scanned easily. You can test which keywords are blocked on your connection on http://www.zensur.freerk.com/kword/ there you can enter the keyword(s) you want to test an click on "send" when you get the message "You entered blablabla" in return everything is fine, but if you get an error message you know which words are blocked.
3.4 Blocked ports
Ports are like doors for a special service to a server or PC. They rank from 0 to 65535. The standard ports are from 0 to 1024, these are the well known ports. The official list you can get unter http://www.iana.org/assignments/port-numbers. If a censor blocks a port, every traffic on this port is dropped, so its useless for you. Most censors blocks the ports 80, 1080, 3128 and 8080, because these are the common proxy ports. Because all of the proxies on common ports are useless for you, you have to find proxies that are listening on an uncommon port. These are very difficult to find.
You can easily test which ports are blocked on your connection. Just open the DOS-prompt, type telnet login.icq.com 80 and hit enter. The number is the port you want to test. If you get some wired symbols in return everything is ok, if it says "timeout" or something similar, that port is blocked by your ISP. Here are the most important ports for us:
20+21 - FTP (file transfer)
22 - SSH (secure remote access)
23 - telnet (remote access) and also Wingates (special kind of proxies)
25 - SMTP (send email)
53 - DNS (resolves an URL to an IP)
80 - HTTP (normal web browsing) and also a proxy
110 - POP3 (receive email)
443 - SSL (secure HTTPS connections)
1080 - Socks proxy
3128 - Squid proxy
8000 - Junkbuster proxy
8080 - a proxy
3.5 Censorware on the client (child protection e.t.c)
Normally the censorship is implemented on servers from the ISP or government, but in some schools, private homes and some companies the blocking software is installed on every PC.
More info: http://www.peacefire.org/
http://www.cexx.org/censware.htm
http://www.epinions.com/cmsw-Kids-Topics-2
http://www.securiteam.com/securityre..._bypassed.html
3.5.1 NetNanny
More info: http://www.netnanny.com/index.html
http://peacefire.org/censorware/Net_Nanny/
3.5.2 CyberSitter
More info: http://www.cybersitter.com/
http://www.spectacle.org/alert/peace.html
http://www.peacefire.org/censorware/CYBERsitter/
3.5.3 AOL Parental Control
More info: http://www.aol.com/info/parentcontrol.html
3.5.4 CyberPatrol
More info: http://www.cyberpatrol.com/
http://www.peacefire.org/censorware/Cyber_Patrol/
3.5.5. SurfControl
More info: http://www.surfcontrol.com/
http://peacefire.org/censorware/SurfWatch/
3.6 Censorware on the server (inside of networks)
This are programs that are mostly installed on servers in schools, libraries, companies or countries with a little Internet population.
3.6.1 Bess/N2H2
Bess is a proxy filter that is often used in schools/universities and companies. It can easily bypassed with Webproxies.
More info: http://www.n2h2.com/products/bess_home.php
http://www.peacefire.org/censorware/BESS/
3.6.2 DansGuardian
It's a Open Source Webfilter. Free for non-commercial use and thus it is widhly spread in universities, schools and libraries. It works as a Proxy with URL and keyword filtering (and also with the PICS-Standard). It's often used on a IPCop machine, however, the author from DansGuardian doesn't like it.
More Info: http://dansguardian.org/
3.6.3 WebSense
More Info: http://www.websense.com/
http://www.peacefire.org/censorware/WebSENSE/
3.6.4 WebWasher
More Info: http://www.webwasher.com/
3.6.5 SmartFilter
More Info: http://www.securecomputing.com/index.cfm?skey=85
http://www.peacefire.org/censorware/SmartFilter/
3.6.6 squidGuard
More Info: http://www.squidguard.org/
3.6.7 new_new
3.7 Whitelist
Most Internet filters works with a blacklist, which means that access to all sites is allowed, except some special sites (well, sometimes there are a lot exceptions...). A whitelist works the other way around: Access to all sites is blocked, except some special ones. For a normal ISP it is almost impossible to offer, because the Internet is nearly worthless. The whitelist scheme is used by free Internet terminals that are sponsored by a company which allows users the free access to their e-commerce site. This filter scheme is the most difficult to circumvent.
Some time ago, there was a German ISP who had a completely free 0800-dial in number. Once you dialed in, you only could surf to amazon.de and about 10 more e-commerce sites. But you could also connect to the other customers of the ISP. So somebody with a flatrate connected to both his normal ISP and the 0800-free ISP and set up a proxy. So all the users of the free ISP could use that proxy to connect to other sites.
3.8 IP blocking on the routers
--------------------------------------------------------------------------------
back to top
4. Different ways to bypass censorship
Since you can't directly access a server that is blocked you have to send the request to a non blocked server which redirects the traffic to the real site you want to visit. There are different types of these "gatekeepers".
4.1 Using a different ISP
Well, it's as easy as it sounds: Just change your Internet Service Provider! For example only in 'Nordrhein-Westfalen' (a state of Germany) there is a censoring firewall, you can just subscribe to an ISP outside that state. But normally the censorship counts for all the country. One possibility is to try out an ISP outside the country. That costs a lot, but that way you do have a normal Internet access and don't have to worry about getting around filters. This could be a normal dialup provider in an neighbor country or better a 2-way Internet access via satellite like http://www.europeonline.com/ http://registrierung.tiscali.de/prod...0_satellit.php, http://www.gilat.de/, http://www.hns.com/, http://www.vsatnet.com/, http://www.starband.com/, http://www.wildblue.com/, http://www.skycasters.com/, http://www.directduo.com/, http://www.orbitsat.com/, http://www.ottawaonline.com/ and so on, just search with a search engine for '2-way internet via satellite [your country or neighborcountry]' or something like that.
4.2 Using a not censoring DNS-server
Normally, you automatically would use the DNS-server of your ISP to resolve domain names like www.freerk.com to 62.141.48.209. Internally, only these IP-addresses are used to send/receive data in the Internet. If your DNS-server is censoring, you simply can use another DNS-server. Under Windows, just right-click in your system panel on the 'network' icon and select properties of the TCP/IP-protocol. In Linux you have to edit the '/etc/resolv.conf' file. Use the server that is (virtual) your nearest. If you want to setup your own DNS-server use Bind (http://www.isc.org/products/BIND/). The list of the 13 official root servers is located here: ftp://ftp.rs.internic.net/domain/named.root for reduancy it would be good to ad the alternative root servers located in Europe from ORSN: ftp://ftp.orsn.org/orsn/orsn.hint.
Non censoring DNS-Servers:
dns2.de.net - 194.246.96.49 (Frankfurt, Germany)
sunic.sunet.se - 192.36.125.2 (Stockholm, Sweden)
master.ns.dns.be - 193.109.126.140 (Leuven, Belgium)
merapi.switch.ch - 130.59.211.10 (Zurich, Switzerland)
prades.cesca.es - 192.94.163.152 (Barcelona, Spain)
michael.vatican.va - 212.77.0.2 (Vatican City, Italy)
dns.inria.fr - 193.51.208.13 (Nice, France)
ns0.ja.net - 128.86.1.20 (London, UK)
nic.aix.gr - 195.130.89.210 (Athens, Greece)
ns.ati.tn - 193.95.66.10 (Tunis, Tunisia)
ns1.relcom.ru - 193.125.152.3 (Moscow, Russia)
trantor.umd.edu - 128.8.10.14 (College Park, MD, USA)
ns1.berkeley.edu - 128.32.136.9 (Berkeley, CA, USA)
merle.cira.ca - 64.26.149.98 (Ottawa, Canada)
ns2.dns.br - 200.19.119.99 (Sao Paulo, Brasil)
ns2.gisc.cl - 200.10.237.14 (Santiago, Chile)
ns.uvg.edu.gt - 168.234.68.2 (Guatemala, Guatemala)
ns1.retina.ar - 200.10.202.3 (Buenos Aires, Argentina)
ns.unam.mx - 132.248.253.1 (Mexico City, Mexico)
ns.wide.ad.jp - 203.178.136.63 (Osaka, Japan)
ns.twnic.net - 192.83.166.11 (Taipei, Taiwan)
ns3.dns.net.nz - 203.97.8.250 (Wellington, New Zealand)
box2.aunic.net - 203.202.150.20 (Melbourne, Australia)
It's also possible to act as a manual DNS server by yourself. Just use the ping or traceroute service on a non censoring machine to get the IP of your desired server. Then use the IP instead of the URL in your browser. You will always get an IP, but it won't work every time to access the website via the IP, because a lot of webhosters host up to 500 or more websites on one server with one IP. But it will work fine with bigger websites.
http://195.193.168.164/ - Rotterdam, Netherlands (JAVA VISUALROUTE)
http://www.vs1.ffs-server.de:8000/ - Darmstadt, Germany (JAVA VISUALROUTE)
http://202.85.153.198:8080/ - Hong Kong (JAVA VISUALROUTE)
https://www.velia.net/tools/traceroute.php - Hanau, Germany (HTTPS encrypted)
http://www.traceroute-gateways.com/ - About 1000 public ping/traceroute gateways sorted by country
http://www.traceroute.org/ - Another list with public ping/traceroute services sorted by country
4.3 Using a non censoring proxy server
You can put a proxy server between your Internet connection and the site you want to visit. You send your request for a special website to that proxy server, which request the page from the Internet and deliver it to you. Normally, those servers cache the requested pages, so that on the next request he can deliver the page directly from the cache. That would be faster and cheaper. We use those servers to bypass censorship. For the eyes/computers of our ISP/Government we are only connecting to the proxy, they can't easily see, that we are connecting to a "bad site". But sometimes the standard proxy ports (80, 1080, 3128 and 8080) are blocked. In that case you have to use the proxies that are listening on an uncommon port.
4.3.1 Standard proxy
Standard Proxies you can find everywhere on the net. Almost every provider offer a proxy for their customers. Here are a few, its in the widly spread "hostname:port" format. Theese proxies are mostly not anonymous!
www-proxy.t-online.de:80 (Bonn, Germany)
cair.res.in:80 (Bangalore, India)
esjv.com.hk:80 (Hong Kong)
mail.unisol.com.ar:80 (Argentina)
souththornlieps.wa.edu.au:3128 (Perth, Australia)
proxy.olimpo.com.br:8080 (Rio de Janeiro, Brasil)
203.77.236.3:8080 (Jakarta, Indonesia)
4.3.2 Uncommon port proxy
Due to the fact that several censors block the common proxy ports (80, 1080, 3128 and 8080) to prevent circumvention you have to use proxies that are listening on a uncommon port. For example 8000 for the Junkbuster proxy or 6588 for the AnalogX proxy. You get a weekly updated list of Proxies that are listening on a non standard port here: http://www.zensur.freerk.com/list.txt or via eMail autoresponder at [email protected].
4.3.3 Socks proxy
More info: http://www.ufasoft.com/socks/
http://proxylabs.netwu.com/proxycap/
4.3.4 Set up an own proxy server
More info: http://www.gcd.org/sengoku/stone/
http://www.junkbusters.com/ijb.html
http://www.boutell.com/rinetd/
4.3.5 Special proxy / tunnel tools
4.3.5.1 JAP
JAP is an free and open source anonymity tool invented by a German university. It sends your traffic encrypted through different mixes, so that absolutely nobody, not even the owner of on of the mixes know who is accessing which site. This is also on of the best tools to circumvent censorship. Just follow the instalation instructions on http://anon.inf.tu-dresden.de/index_en.html on installing the Java client (available for Windows, Unix, Linux, OS/2, Macintosh and others) The infoservice is listening on port 6543, the Dresden-ULD mix on port 26544, the Dresden-Dresden mix on port 6544 and the Dresden-Luebeck mix on port 9544.
4.3.5.2 Httport
http://www.htthost.com/
4.3.5.3 Localproxy
http://proxytools.sourceforge.net/
4.3.5.4 HttpTunnel
http://www.http-tunnel.com/
http://www.nocrew.org/software/httptunnel.html
4.3.6 Wingates
More info: http://www.deerfield.com/products/wingate/
--------------------------------------------------------------------------------
4.4 Using a shell
http://www.chiark.greenend.org.uk/~sgtatham/putty/
http://directory.google.com/Top/Comp...ell_Providers/
http://www.panix.com/shell.html
http://www.shellux.net/
4.5 Using a webproxy
Webproxies are CGI-******s that you call with your browser and open a different URL (Internetadress) with. So your firewall thinks you are only connecting to the server with the CGI-******. The addresses under 4.5.4 are not really meant as proxies. They act as translators, html-checkers or as a webarchive. You can use them as a kind of proxy anyway. These webproxies are a good thing for "quick 'n dirty" bypassing. You don't have to configure your browser or something, but it's kind of slow and won't work with all webpages. Only the proxies that are going over a secure connection can be used for phrase filtering, but the others a perfect for URL/IP filtering. Use them in your school, company or library when you have no privileges to install/change something on the machine. These links points to google.de because the site is very small, usefull, always on and does not contain the ".com" extension of DOS-Files that are filtered by some proxies. If you do have webspace with cgi abillity you can download the CGIProxy from James Marshall and install it on that webspace (there is a easy installer which does everything for you: http://install.xav.com/). To find new working proxies search for "nph-proxy.cgi", "nph-proxy.pl", "Start Using CGIProxy", "Start browsing through this CGI-based proxy" or something like that with Google, Altavista, Yahoo or another search engine.
4.5.1 Standard webproxies (mostly CGIProxies: http://www.jmarshall.com/tools/cgiproxy/)
http://anon.free.anonymizer.com/http://www.google.de/
http://invis.free.anonymizer.com/http://www.google.de/
http://anonymouse.ws/cgi-bin/anon-ww...www.google.de/ (Advertisement)
http://www.sendfakemail.com/anonbrowser/ (Without images)
http://203.26.19.30/proxy/proxy.pl/0...www.google.de/ (Whitout images)
http://ground0.hypermart.net/nph-cyb...www.google.de/
http://www.mdsme.de/cgi-bin/nph-spin...www.google.de/
http://www.dumpfbacke.de/cgi-bin/mds...www.google.de/
http://www.pureprivacy.com/ (Advertisement)
http://www.marzie.com/webtools/proxy...www.google.de/ (Advertisment)
http://www.mckendree.edu/******s/nph...www.google.de/
http://pasty.hypermart.net/cgi-bin/n...www.google.de/
http://203.26.19.30/proxy/nph-proxy....www.google.de/
http://www.tku.ac.jp/~99e1330/cgi-bi...www.google.de/
http://www.delorie.com/web/purify.cg...Fwww.google.de (Advertisment)
http://proxy.drkangel.com/nph-index....www.google.de/
http://www.perseus.tufts.edu/cgi-bin...www.google.de/
http://www.anonymization.net/1/1/A/h...www.google.de/
http://brianwiese.net/cgi-bin/nph-pr...www.google.de/
http://www.wgbh.org:81/cgi-bin/nph-a...www.google.de/
http://www.vbdesign.net/cgi-bin/nph-...www.google.de/
http://www.jetropolis.com/cgi-bin/np...www.google.de/
http://digitalizedzone.com/cgiproxy/...www.google.de/
http://www.rocketstable.com/nph-prox...www.google.de/
http://unfeomateo.com/cgiproxy/nph-p...www.google.de/
http://www.morgurch.com/nph-proxy.cg...www.google.de/
http://www.joelkimble.com/cgi-bin/np...www.google.de/
http://www.linuxdistributions.com/cg...www.google.de/
http://martignier.net/cgi-bin/nph-pr...www.google.de/
http://ym2400z.virtualave.net/cgi-bi...www.google.de/
http://glass.ipe.tsukuba.ac.jp/~s011...www.google.de/
http://ef-chat.hypermart.net/jiimbo-...www.google.de/
http://www.anonsurf.de/cgi-bin/nph-a...www.google.de/
http://www.spunge.org/~hyperwar/nph-...www.google.de/
http://www.valkaryn.net/proxy/nph-pr...www.google.de/
http://www.rahty.com/nph-proxy.cgi/0...www.google.de/
http://www.boyscorp.com/prx/nph-prox...www.google.de/
http://www.thinksquad.com/cgi-bin/np...www.google.de/
http://www.hostsite.org/proxy/nph-pr...www.google.de/
http://free2.surffreedom.com/nph-fre...www.google.de/
4.5.2 Webproxies with encrypted URL's
http://www.proxyone.com/cgi-bin/nph-...676c652e64652f (Without images)
http://proxy.guardster.com/cgi-bin/n...676c652e64652f
http://www.chronicpulse.net/anonymou...ZGU-:&v:njs=on (Advertisment, Without images)
http://proxify.com/nph-proxy.cgi/000...676c652e64652f (Advertisment)
http://www.team777.com/cgi-bin/ey3/n...676c652e64652f
4.5.3 Webproxies over a secure SSL-connection
a lot of ssl-webproxies can be found here: http://qingxin.mine.nu/ssl.asp
https://www.anonsurf.de/cgi-bin/nph-...www.google.de/
https://dtnet.getmyip.com/cgi-bin/np...yyy.iqqing.fg/ (encryption is letter +2 in the alphabet)
https://dweb.homeunix.org/cgi-bin/np...yyy.iqqing.fg/ (encryption is letter +2 in the alphabet)
https://dtw.ods.org/cgi-bin/nph-prox...www.google.de/
https://nav.ebutechnologies.com/secu...www.google.de/
https://ym2400z.virtualave.net/cgi-b...www.google.de/
https://vip.megaproxy.com/go/_mp_fra...www.google.de/ (Advertisment)
https://proxify.com/nph-proxy.cgi/00...676c652e64652f (Advertisment)
https://www.perseus.tufts.edu/cgi-bi...www.google.de/ (Without images)
https://www.eopledaily.com/dmirror/http/www.google.de/
https://nhuanet.com/cgi-bin/nph-prox...www.google.de/
https://dtaiwang.ftphost.net/cgi-bin...www.google.de/
https://www.eopledaily.com/cgi-bin/n...www.google.de/
https://nadaily.com/cgi-bin/nph-prox...www.google.de/
https://wan.myftp.biz/cgi-bin/index....nnn.kxxkdj.vj/
https://www.amduus.com/cgi-bin/nph-p...www.google.de/
https://ym2400z.virtualave.net/cgi-b...www.google.de/
https://ef-chat.hypermart.net/jiimbo...www.google.de/
4.5.4 Translators, warpers, e.t.c that can be used as a proxy
http://www.dejavu.org/ (Browser Emulator)
http://crit.org/http://www.google.de/
http://paranormal.about.com/gi/dynam...Fwww.google.de
http://bobby.cast.org/bobby/bobbySer.../www.google.de (Websitechecker)
http://www.vischeck.com/vischeck/vischeckURL.php (Websitechecker)
http://spireproject.com/cgi-bin/foot.../www.google.de (Footnote?)
http://cyber.law.harvard.edu/cite/an.../www.google.de (kind of a footnote)
http://webwarper.net/ww/~GZ/www.google.de/?* (Warper)
http://babelfish.altavista.com/ (Translator)
http://www.freetranslation.com/web.htm (Translator)
http://translation.langenberg.com/ (Translator)
http://www.systransoft.com/ (Translator)
http://www.translate.ru/srvurl.asp?lang=de (Translator)
http://translator.abacho.de/ (Translator)
http://www.t-mail.com/cgi-bin/tsail (Translator)
http://www.google.com/language_tools?hl=de (Translator)
http://tarjim.ajeeb.com/ajeeb/default.asp?lang=1 (Translator)
http://www.sdlintl.com/enterprise-sy...translator.htm (Translator)
http://rinkworks.com/dialect/ (Fun-Translator)
http://www.brunching.com/drugslanger.html (Fun-Translator)
http://www.****olize.com/cgi-bin/***...&submit=submit (Fun-Translator)
http://unimut.fsk.uni-heidelberg.de/schwob.html (Fun-Translator
http://www.google.com/ .de/ .fr/ (the Google Cache)
http://web.archive.org/web/*/http://www.google.de (Archive of the Internet since 1996)
http://www.marzie.com/webtools/proxybuster/ (get files)
http://alltooflat.com/geeky/elgoog/ (a Google fun mirror mirror)
http://www.guhgel.de/ (another Google fun mirror)
http://www.assoziations-blaster.de/www.something.de/
http://mirror.sytes.org/ (a fun mirror mirror *gg*)
http://proxy.citizenlab.org/google/ (a Google mirror)
http://google.icq.com/search/ (a Google mirror)
http://www.zensur.freerk.com/google/ (a mirror for the Google mirror...)
http://www.google-watch.org/cgi-bin/proxy.htm (another Google and Alltheweb mirror)
http://www.aigeek.com/txt2html/txt2h...Fwww.google.de (html2text)
http://gritechnologies.com/tools/dia...www.google.de/ (see as a search engine)
4.6 Get webpages via eMail
Several years ago when the Internet connections where slow and the "www" just invented, many people just got a to email restricted access to the Internet. That's the origen of the "Agora" and "www4email" software. Some of these email robots are still available and we can use them to bypass Internet censorship. The best thing would be to subscribe to a free email provider which allows SSL-connections (like https://www.fastmail.fm/, https://www.ziplip.com/, https://www.hushmail.com/, https://www.safe-mail.net/, https://www.mail2world.com/, https://webmail.co.za/, https://www.webmails.com/ e.t.c) and use that account with the email addresses below. I put the field where you have to input the URL in brackets. It still works great for text. But sure there are big problems with images or even DHTML, **********, Java, Flash e.t.c. Also other services besides www are possible, for a very good tutorial on this see ftp://rtfm.mit.edu/pub/usenet/news.a...cess-via-email. There is also a web based sar.com/google/
More info: http://www.cix.co.uk/~net-services/mrcool/
4.7 Using steganography
4.8 Using a special proxy like peer-2-peer program
There are different projects of peer-2-peer programs to bypass censorship. They work like Napster, Kazaa and eDonkey, which means that you have to download a little tool that contains a server and a client part.
4.8.1 Peek a Booty
More info: http://www.peek-a-booty.org/
4.8.2 Freenet
Freenet is the oldest and most widly spread P2P-program to beat censorship, so a lot of people use it and its actually working since several years quite well. There is no access to the Internet possible through the Freenet client. You can only view/download stuff from the 'free net'. You install the client as a local proxy which is listening on port 8888 and can access links like ' http://localhost:8888/SSK@fjfkHAbxdwMyTMFgtZjcP2ge-AYPAgM/sites/fwhh/index.html' It looks like a kind of normal URL. The 'localhost:8888' addresses the proxy server on port 8888 that is running on your local machine the rest is something like an encrypted filename. It is not possible to determine who put some information into the network or who is downloading it.
More info: http://freenetproject.org/
http://www.freenet-china.org/
4.8.3 MojoNation
More info: http://www.mojonation.net/
4.8.4 TriangleBoy
More info: http://www.safeweb.com/tboy_service.html
4.8.5 Six/Four
More info: http://www.hacktivismo.com/
4.8.6 Entropy
More info: http://entropy.stop1984.com/
4.9 Special Services
4.9.1 Usenet
The normal port for newsservers 119 is usually blocked, so you have to access the usenet via a different port. If you only sometimes want to read some very common newsgroups you can easily visit them via free web-based newsservers like http://groups.google.com/ or http://news.spaceports.com/. A lot of newsserver companies offer their services on a non standard port. Just ask them before signup. If you need access to a newsserver with your newsclient you have to subscribe to one of these newsserver-companies which allow access to their newsservers on an uncommon port:
http://www.giganews.com/ - (ports 23 and 80 are working)
http://www.easynews.com/ - (use their web-based newsserver or try the 'proxy.news.easynews.com' with port 21, 22, 23, 25, 53, 80, 110, 443 or 8080)
http://www.newscene.com/ - (try the 'proxy.newscene.com' with the ports 20, 21, 22, 23, 25, 53, 80, 81, 110, 443 or 8080)
http://www.supernews.com/ - (you can access their newsservers via any port you like)
Note: all traffic is unencrypted, so you can access these newsservers, but the censors can easily monitor all your traffic! It would be more secure to use a SSH port forwarding.
thanks to 'sshproxy' from the nocensodigo.org/features/express.html>http://odigo.org/features/express.html (the odigo client online, works well) http://messenger.lycos.co.uk/messenger/index.jsp (lycos messenger, works with msn and yahoo)
4.9.4.3 AIM
login.oscar.aol.com:5190 Accepts connections on all ports. There are 2 official web clients: The old QuickBuddy: http://toc.oscar.aol.com/ and the newer AIM Express: http://toc.oscar.aol.com/aimexpress/index.html
4.9.4.6 Yahoo Messenger
cs.yahoo.com:5050 or cs.yahoo.co.jp:5050 Can be accessed online via: http://messenger.yahoo.com/
4.9.5 Filesharing Programs
Gnutella (decentralized) - BearShare, Gnucleus, LimeWire, new Morpheus
FastTrack (commercial, with Server) - KaZaA, KaZaA Lite, Grokster, old Morpheus
eDonkey2000 (lots of servers, uses mainly port 4662) - eDonkey2000, Overnet, eMule
OpenNap (lots of servers) - FileNavigatior, WinMX, Rapigator, TekNap, audioGnome, XNap
--------------------------------------------------------------------------------
back to top
es the proxy server on port 8888 that is running on your local machine the rest is something like an encrypted filename. It is not possible to determine who put some information into the network or who is downloading it.
More info: http://freenetproject.org/
http://www.freenet-china.org/
4.8.3 MojoNation
More info: http://www.mojonation.net/
4.8.4 TriangleBoy
More info: http://www.safeweb.com/tboy_service.html
4.8.5 Six/Four
More info: http://www.hacktivismo.com/
4.8.6 Entropy
More info: http://entropy.stop1984.com/
4.9 Special Services
4.9.1 Usenet
The normal port for newsservers 119 is usually blocked, so you have to access the usenet via a different port. If you only sometimes want to read some very common newsgroups you can easily visit them via free web-based newsservers like http://groups.google.com/ or http://news.spaceports.com/. A lot of newsserver companies offer their services on a non standard port. Just ask them before signup. If you need access to a newsserver with your newsclient you have to subscribe to one of these newsserver-companies which allow access to their newsservers on an uncommon port:
http://www.giganews.com/ - (ports 23 and 80 are working)
http://www.easynews.com/ - (use their web-based newsserver or try the 'proxy.news.easynews.com' with port 21, 22, 23, 25, 53, 80, 110, 443 or 8080)
http://www.newscene.com/ - (try the 'proxy.newscene.com' with the ports 20, 21, 22, 23, 25, 53, 80, 81, 110, 443 or 8080)
http://www.supernews.com/ - (you can access their newsservers via any port you like)
Note: all traffic is unencrypted, so you can access these newsservers, but the censors can easily monitor all your traffic! It would be more secure to use a SSH port forwarding.
thanks to 'sshproxy' from the nocensorship mailinglist
4.9.2 Games
4.9.3 FTP
http://inebria.com/phpftp/
http://www.angehrn.com/index.php?cat=28
http://www2ftp.de/
http://webftp.host.sk/
4.9.4 Instant Messenger
Instant Messenger are very popular. You have to register your nickname at one of the companies and download their software. Then when you are in the Internet you can start the software and log onto their servers. Since then you are marked as "online" and all your friends who know your nickname and get the same Instant Messenger can see that you are online and easily chat with you. Every of the 4 big players has its own software client which contains advertisments, spyware and is not compatible with other IM protocols. I recomment you to download Miranda, which is a open source Instant Messenger which is very small, without ads or spyware and working without installation. It works great with every IM protocol, even at the same time. http://miranda-im.org/
4.9.4.1 ICQ
ICQ is the oldest and most used Instant Messenger. There are many different clients out there. They normally all connect to login.icq.com:5190 via TCP in both directions. But the server accepts connections on all ports. The Java version can be started here: http://go.icq.com/. With this, you will normaly connect to iht-d01.icq.com (205.188.213.0) on the normal http port 80. At "Settings" you can also choose a different port.
4.9.4.2 MSN Messenger
messenger.hotmail.com:1863 - Since there isn't an official web-based client out there you have to try the services from different companies. You give them your password, so you have to trust them! And ask Microsoft to introduce a web-based client here: http://messenger.msn.com/support/contactus.asp?client=1 http://www.mister-i.com/i-mode/messenger.jsp (i-mode, after 3 days it costs $) or http://kickme.to/msnmessenger2go (he's still working on it) http://www.messengeradictos.com/inde...essengeronline (spanish with activex) http://odigo.org/features/express.html (the odigo client online, works well) http://messenger.lycos.co.uk/messenger/index.jsp (lycos messenger, works with msn and yahoo)
4.9.4.3 AIM
login.oscar.aol.com:5190 Accepts connections on all ports. There are 2 official web clients: The old QuickBuddy: http://toc.oscar.aol.com/ and the newer AIM Express: http://toc.oscar.aol.com/aimexpress/index.html
4.9.4.6 Yahoo Messenger
cs.yahoo.com:5050 or cs.yahoo.co.jp:5050 Can be accessed online via: http://messenger.yahoo.com/
4.9.5 Filesharing Programs
Gnutella (decentralized) - BearShare, Gnucleus, LimeWire, new Morpheus
FastTrack (commercial, with Server) - KaZaA, KaZaA Lite, Grokster, old Morpheus
eDonkey2000 (lots of servers, uses mainly port 4662) - eDonkey2000, Overnet, eMule
OpenNap (lots of servers) - FileNavigatior, WinMX, Rapigator, TekNap, audioGnome, XNap
--------------------------------------------------------------------------------
back to top
5. Howto publish information
The one think is to access information that is already censored, but the other challenge is to publish own information that can't easily be censored. Here you can se my ideas on how to avoid censorship:
Publish with a lot of mirrors. Especially dynamic IP's with a dyndns.org redirector are useful. Put your pages on so much different servers that the censors can't get along with blocking al the servers.
Use one-time-addresses. These are links/URL's that are only valid for 1 visit or 1 hour, they are often used for payed downloads.
Hide the 'dangerous' content. For example save text as images. The users won't notice it, but its difficult for the censor-spiders to 'read' the content.
Host on a secure server in another country. For example with http://www.havenco.com/ which is located at Sealand, an independent country on a little island in the north sea near England.
Encrypt the content. Use .htaccess and/or SSL for your website and AES, Twofish or Rijndael for files.
Offer your data in P2P-Programs. Filesharing programs like Kazaa or eDonkey are very difficult to censor (see the problems of the music companies...)
Send content via eMail. Create a autoresponder from which everybody with a hotmail account can receive your content from.
Martus. It's a encrypted bulletin service to post and view informations. See: http://www.martus.org/
More info: http://www.wired.com/news/technology...2,5778,00.html
--------------------------------------------------------------------------------
back to top
6. Appendix
6.1 Links
6.1.1 Other bypass tutorials
http://galileo.spaceports.com/~simeo...p-evasion.html
http://www.angelfire.com/my/6waynes/
http://www.ijs.co.nz/proxies.htm
http://sethf.com/anticensorware/
6.1.2 Other sites about Internet censorship
http://cyber.law.harvard.edu/filtering/
http://www.opennetinitiative.net/oni/ice/
http://peacefire.org/circumventor/
http://www.free-market.net/directorybytopic/censorship/
http://www.stop1984.info/
http://www.cmis.csiro.au/projects+sectors/blocking.pdf
http://www.topology.org/net/censor.html
Mailinglist: http://lists.efa.org.au/mailman/list...top-censorship - (Discussions about censorship in Australia, english)
Mailinglist: http://www.freelists.org/webpage/nocensorship - (How to beat censorship and proxies. Very good!)
http://www.vicnet.net.au/community/issues/censorship/
http://ch.dmoz.org/Society/Issues/Hu...et_Censorship/
http://ch.dmoz.org/Computers/Softwar...round_Filters/
http://ch.dmoz.org/Computers/Softwar...ng/Censorware/
http://ch.dmoz.org/Computers/Softwar...nts/Filtering/
http://ch.dmoz.org/Reference/Librari...ring_Software/
6.1.3 Where to get proxies
http://tools.rosinstrument.com/proxy/
http://www.samair.ru/proxy/
http://www.atomintersoft.com/product...xy/proxy-list/
http://www.steganos.com/software/anonproxylist.sia
http://www.zensur.freerk.com/list.txt
Via autoresponder from [email protected]
http://www.proxyblind.org/phpBB2/ (Very good!)
http://www.samair.ru/f/ (Very good!)
http://www.freeproxy.ru/download/lists/goodproxy.txt
--------------------------------------------------------------------------------
back to top
TO-DO-LIST:
Voice-over-IP
Bildung von Untergrund-(Inter)Netzen in Deutschland (GAMEnet etc.)
dIRC (ChaosComputerCongress 1997) und Abwandlungen
http://www.guardianet.net/
http://www.w3.org/PICS/
http://www.peacefire.org/bypass/Proxy/akamai.html
web-2-phone: http://www.teletrust.info/, http://www.ecommercetimes.com/perl/story/3380.html
ssh as a redirection server
rinetd as a redirection server
junkbuster
http-gw
VPNs
stone as both a redirector and a proxy
running a Perl proxy
often used non standard ports: 20, 21, 22, 23, 24, 25, 81, 82, 83, 84, 443, 1128, 2000, 5000, 6000,
6588, 7070, 8000, 8001, 8002, 8003, 8040, 8081, 8082, 8084, 8090, 8888, 8965, 9080, 9081, 10080, 22788
http://www.arbornet.org/projects.html
telnet m-net.arbornet.org
http://www.cyberspace.org/
telnet cyberspace.org
http://www.ductape.net/
telnet ductape.net
http://sdf.lonestar.org/
telnet sdf.lonestar.org
http://www.nyx.net/
telnet nyx.nyx.net
http://www.suburbia.com.au/
telnet suburbia.com.au (SSH)
telnet suburbia.com.au 2323 (telnet)
http://www.saunalahti.fi/~aekman/taboom/free_shell.html
http://www.freebelt.com/freeshells.html
http://www.geocities.com/SiliconVall.../freeuspl.html
http://www.leftfoot.com/free-shell.html
faxabruf
web.de anrufbeantworter 0049-1212-552489659
softhome.net: free email with smtp server mail.softhome.net:2500 and mail.softhome.net:25000
url hiding mit ascii, hex, oktal u.s.w codes.
-----------------------
"Ihre Meinung ist mir zwar widerlich, aber ich werde mich dafür totschlagen lassen, daß sie sie sagen dürfen." [Voltaire]
"Freiheit ist immer auch die Freiheit des Andersdenkenden." [Rosa Luxemburg]
"Wer die Freiheit aufgibt, um Sicherheit zu gewinnen, wird am Ende beides verlieren." [Benjamin Franklin]
"Der Zensor ist ein Beamter, der Dinge empfiehlt, indem er sie verbietet". [Frank Wedekind]
"Krieg bedeutet Frieden, Freiheit ist Sklaverei, Unwissenheit ist Stärke." [George Orwell]
"Die Freiheit nutzt sich ab wenn man sie nicht nutzt." [Reinhard Mey, Gefesselte Ente]
--------------------------------------------------------------------------------
- Artículos varios - - Libertades Civiles -