Website using port 85

Thu Jan 27 04:53:19 UTC 2005

Hello there!

There are other, more stealthy ways to get around this.  One of my
favorites is http://proxify.com, a Web based HTTP/FTP proxy.  Just go
there, type your Web address, and it should work.  That is, of course
unless your employer is familiar with these.  In this case you might
want to set up your own with a friend who does not have port 80
blocked.  Use the script from this site: 
http://www.jmarshall.com/tools/cgiproxy/.

Another option if you know someone who does not use port 80 on there
connections but has it unblocked is to use a port forwarding
application.  Check this out:  http://www.boutell.com/rinetd/.  Just
have a friend forward port 80 traffic to your IP, and map the domain to
his/her IP.  Another option you might consider.

Happy circumventing!

Ben

On Tue, 2005-01-25 at 18:09, Deron Meranda wrote:
> On Tue, 25 Jan 2005 15:04:11 -0700, dan <info at hostinthebox.net> wrote:
> > Steve Brown wrote:
> > > After learning here on the list that my ISP, Optimum Online, blocks
> > > residential customers from running web servers using port 80, I set up
> > > httpd.conf and my firewall to run my site using port 85.  It works
> > > fine.  Next, I registered a domain with my daughter's name: miabrown.com
> > > through 1and1.com.  I set up the account so that requests for
> > > miabrown.com are forwarded to my server (dynamic IP address, port 85).
> > >
> > > Apparently, at work, they block sites that use a port number other than
> > > 80.  In my brower at work, I see the IP address.  What do I need to do
> > > on my server so that it shows the domain name instead of the IP address?
> > >
> > 
> > I've hosted http data over the traditional https port of 443.  You can
> > have the server listen for http over port 443, and your work will pass
> > 443 (be it ssl data or not) to you.
> > 
> > This works with SSH, SMTP, POP... I hate it when my *cough* former
> > *cough* employer blocked all that stuff.
> 
> Ah, the fun of companies that like to port-block and proxy
> everything because of the feeling of power it gives them.
> And you've got two of them in your way.
> 
> In general, it's usually pretty easy to get around a firewall, as
> long as you control something on each side.  No matter how
> small of a hole the firewall has, with patience, you can
> squeeze elephants through it.  (And a firewall has to have a
> hole of some sort, or it's just a concrete block, not a firewall).
> But it's all still very annoying.
> 
> If it's only yourself at work that wants to access your site then you
> can set up some magic iptables port redirecting to send traffic
> to 443 back through to 85, but only for incoming traffic from your
> company.  The rest of the Internet would work as is, over port
> 85.
> 
> You may also have the option of using SSH tunneling (if you
> can run SSH on your work PC -- either linux or Windows with
> say PuTTY).  If you can get an ssh connection you can pretty
> much do anything: outbound, or yes, even inbound.  And you
> can run it on whatever ports you want.  (I'd use ssh keys, not
> passwords, if you can)
> 
> Depending on how determined your obstacles are, be aware that
> they may run invisible proxies.  Even for SSL.  So if you really
> want to be invisible, use ssh (and validate your server keys!)
> or set up real SSL on your Apache server, and then be sure to
> check the SSL certificate on your browser to make sure there's
> no man-in-the-middle.
> 
> I feel like I should have a disclaimer here...
> -- 
> Deron