Monday

Any Port in a Storm - Firewalls Block access to Proxies

It's important to remember that a firewall can block anything and everything and they often do. If you're trying to access a proxy to protect your privacy in work, school and college - you will not be alone and the network administrators will be actively trying to block access to these proxies.

One of the main reasons most people are unable to use anonymous proxies from their work or school is that the firewall only lets out connections that originate from a specific IP address.

And that IP address belongs to the company/college Proxy server.

So you can be armed with a huge list of anonymous proxies but you won't be able to access them as the firewall will block direct communication from your IP address. This is one of the subtle advantages of Identity Cloaker - it can actually work through the existing Proxy server, kicking an encrypted tunnel right through the proxy.

It might sound trivial but this feature allows you to tunnel through most restrictive firewalls (not all as there are always exceptions). An Identity Cloaker subscription and an installation on a USB drive generally means you have a totally secure browsing session with no restrictions.

Can I still be blocked?


Well yes you can, it's extremely difficult but you could potentially spot the encrypted traffic on the SSL port which looks strange, you couldn't read any of the data but with very careful analysis it wouldn't look right.

Mind you I've worked in IT security for twenty years and I've never met anyone who would spot this in a busy IT department.

Anyway here's some important port numbers that are worth remembering for all us privacy and free speech fans !

FTP - 20,21
HTTP - 80, 8080
SSH - 22
HTTPS - 443

Interestingly enough although Identity Cloaker uses SSH to create an encrypted tunnel to protect all your logging from ISP and everyone, it actually creates this connection over port 443 and not the SSH one of 22.

Why does it do this? Well because many more firewalls allow communication through port 443 simply because it is used for HTTPS. By switching the port for the SSH tunnel to 443 it ensures that the encrypted tunnel you create will very rarely be blocked.

0 comments: