One of our fellow posters told me of a truly traumatic experience. When she went in to work yesterday and tried to log on to the Straight Dope, she found that it was blocked by her company’s computer network. She only has access at work, and her job leaves her some long streches of free time, so she is at serious risk of severe withdrawal symptoms.
By way of background, she works at a large financial company, and has no idea of what type of internet connection or system they use (and she ain’t about to ask). She tried to access the boards through a coworker’s computer, and it worked briefly but then got the same access denied message.
So, for very important, um, research needs, might anyone have a suggestion on how she might get around this block and access the SDMB at work. Her sanity could be riding on your responses.
dylan_73 is correct. ‘Fixing’ this may violate the company’s IT policy which could be bad for her career with that company.
That said it is somewhat encouraging that another employee got through a bit then got stopped. In general such things are either blocked or they aren’t…no half-measures. It is possible that some other hiccup in the system caused the boards to not be accessible. Frankly the servers the SDMB run on need help. I frequently find them extremely sluggish and occasionally get timed-out trying to access the pages. Have her try a few more times throughout a day and see if anything changes.
Otherwise the beer thing dylan_73 mentioned can work surprisingly well. In addition, male computer types tend to be very susceptible to a woman’s charms. I’m not suggesting she sleep with them but I think she’ll find a few well placed smiles can do wonders.
I would also say that trying to get around company lock outs is a dodgy area to go into.
If they know anybody in IT it might be useful to mention it to them.
The SDMB might have been blocked because of the amount of hits it recieved through their proxy. If this is the case then your friend is out of luck, if it is just blocked because a new piece of software that has picked up on the SDMB then they may be able to convince them to unblock the site.
There is something you can try which has a good chance of working.
Go to http://www.safeweb.com. This site allows you to surf anonymously and gets around firewall blocking and filters.
However, if the company in question already blocks access to safeweb, then you’re screwed…
Worth a try.
Not worth a try if the company decides to look at what’s coming through safeweb (yes, they can; if it gets to your computer, it can be observed) and sees a site that they’ve recently blocked. Then it’s up to the bosses office to explain / get fired.
I strongly recommend either asking someone to allow it (with beer, if possible) or giving up and accessing from home.
Of course, maybe the company is quite lenient, or something…you take your own chances on that one…
You are on your own if you do this, so don’t blame me if you get fired:
Most web sites are blocked by IP address and/or name. However, in most cases you can get around this by converting the IP address to decimal and using the decimal address in your web browser. To do this, convert the IP address to binary, then the binary to decimal.
For example: The IP address of http://www.straightdope.com is 63.97.40.3. Covert each octet (number seperated by the dot) into binary, adding zeros as necessary to maintain an 8 bit number (3 = 11 in binary, so make it 0000 0011). Next, string all the octets together to make a single binary number. In this case it comes out to 0011 1111 0110 0001 0010 1000 0000 0011. Coverting this to decimal gives you 1063331843. Put this into your browser (http://1063331843) and it will take you to the site, bypassing most blocking.
I got an e-mail from our poster trapped in the land without the SDMB. She asked me to pass along the following:
She appreciates the help, folks, and has mentioned that her job might not be worth keeping if she cannot access the SDMB, so extreme measures may be called for.
I am a Unix sys admin for a large corporation. Data coming through a secure, ENCRYPTED pipe cannot be ‘looked at’ just because the the info ‘get to your computer’. Safeweb uses a secure, encrypted connection.
This is the basis for all secure e-commerce transactions.
Now if you want to get into a debate on whether 128-bit encryption can be broken using distributed computing schemes…well, that’s another story.
Also, I think I’ve seen a variation of Smitty’s method being used, where the four decimal number IP address (separated by dots) is converted number by number into an eight-digit hexidecimal number with no seperators (i.e. each decimal 0-255 is converted to its two digit hex equivalent). Might this be another way of getting there.
Datamike: Ooops. I’m mostly wrong, it’s true. I didn’t realise it used encryption (note to self: visit a site before you comment on it, idiot!); I assumed it just anonymised (ie, stripped out user info so the site visited can’t tell who accessed).
As for 100%…ahh, you sure they aren’t using SMS at that place?
re distributed computing: well, distributed.net are still working on 64bit, aren’t they? I think 128 bit is a long way off. Mind you, I just picked up a new Quantum Computer from PC World, so you never know…
Inky: “nslookup http://www.straightdope.com”
Even if you could get around it there is probably a computer on the netowrk that records all you are doing with the computer & a lot of comp’s have 0 tolerance for this sort of thing.
While you could possibly ‘record’ the encrypted data stream, there would be no point.
This data simply looks like garbage and cannot be decrypted; at least not given any reasonable time span–like the human life.
In all likelyhood the corp. in question subscribes to a monthly update service which provides a list of ip’s and keywords for the firewall.
The message “Error FW-1 @ dwda125: Access denied” is simply the message from the firewall software running on a machine named ‘dwda125’ denying the request.
In short, if you can get to safeweb, you can get to any site securely and with NO chance of anyone knowing about it aside from someone looking at your computer monitor.
Please note that the admins WILL know that you are hitting safeweb. Many hits to this site and they’ll probably add it to the ‘deny’ list.
I tried the typing the nslookup thing directly into Netscape, and couldn’t get it to work, but while waiting around for the reply window to pop up I found this site: http://www.webreference.com/cgi-bin/nslookup.cgi
That site allows you to enter a URL and get an IP address.
I’m an IT security consultant in my spare time (oh, okay, for a living). Using sites like SafeWeb and Anonymizer is all well and good, but in security audits the logs will be checked for large amounts of time and/or page changes while using those sites.
Incidentally, FW-1 would be Firewall-1, a very popular firewall product that we use too.
The IP address-to-decimal trick will probably work, but always remember that sys admins can (and will) manually check out any sites that people seem to be spending a lot of time on – they’re not stupid when it comes to anonymous surfing or loopholes.
