Getting to the SDMB when blocked by company's computer

Factual Questions
21

nslookup, or ping (DOS prompt, ping http://www.straightdope.com, this will return the IP address. There are also many utilities that you can use to simplify the process. Go to http://www.davecentral.com and see the Finger/Whois section for a ton of freeware and shareware apps that will let you do just that.

As far as monitoring of web browsing by the IT department, I AM the IT department at my job, and the only time I check the logs to see what people have been browsing is when there is already a suspicion that management wants checked, or when someone pisses me off. Many apps record a log of who has attempted to access banned sites, but if you are at a large company that blocks a great many sites, this log is probably so big that you probably don’t have to worry unless they are gunning for you personally. YMMV

22

Damn parsing, I meant ping www.straightdope.com

Of course, this port may be blocked as well.

23

Thank you all for your help… at the moment, I’m using safeweb.

Nope. Billdo emailed the text of this thread to me. When I clicked on the first link, I got the SD main page, but the second link gave me the same old error message.

Anyway, hopefully Smitty is right about the huge log of banned sites and I won’t find my personal belongings in a box on Monday morning…

24

About a year ago, the senior IT staff at work and I had a bet. I’d try to send an email from my desk to one of them, and they’d try to find conclusive proof that it came from me. Very fun educational for all of us- it was a sort of arms race, as every new trick I’d use, they’d eventually find a way to prevent it.

Of course, they eventually brought out the nuclear weapons of spyware- keystroke logging and screencaptures every random(x) minutes.

Cutting-and-pasting individual letters to avoid using any keys other than ctrl, shift, arrows, c, and v is far too time-consuming to do. It was much easier to concede defeat and buy the IT staff their bottle of scotch.

And to think I said I’d never resort to bribes or politics in the workplace…

25

Slightly off topic:
I manage the corporate network for a company … magazine publisher, 1500 employees or so in a little under a dozen locations.

Speaking from an IT perspective… if your company decides it’s time to start screen capturing and keystroke logging, it’s time to look for a new job.

The only time I ever care what sort of data a user is doing, is when they are causing problems on the network, and the only thing that we block is access to Napster servers, simply for bandwidth reasons. (Users can bring in their own cds/songs on cdrom).

Seriously. Time to find a new job. If your company is that bored that they have to check up on you – then they obviously have no idea of your “measurables” actually are, and they’re just making themselves look good.

26

Vix glad to see you are back on from work. I’m blocked at work from boards.straightdope.com (see http://boards.straightdope.com/sdmb/showthread.php?threadid=59481) Since I have access at home, I’m not going to circumevent the block, but you may want to see if anyone here would be willing to build you a home system. I’m sure many of us have used parts that are not being used and would be able to build a system. I had some spare drives until I got a killer deal on a system now my dad has a computer

27

I’m far from network savvy, but since my school had a ban on Napster, measures had to be taken. One that was supposed to work (presumably for people with more network knowledge than I) was a proxy server. Probably worth more trouble than it’s worth (well, then again, this is the SDMB), but would this be a possible answer?

28

I was just thinking of a similar problem i have. I’m taking the AP C++ a class at school,and we’re working ont his borign research project about the ap test. Soo… in my spare time surfing the web i have to entertain myself somehow. I tried downloading napster(the computers have cd burners and t1 lines so you can make cd’s) and aim but… their network security prevents us from acessing any important .dll files needed for installation. One good solution i heard was to put the program on cd and use it off of there(so this could help you access some other stuff Vix if you have similar problems). Basically,is there anyway to bypass security and acess the files to install something? The network guys at my school aren’t the smartest,sicne I already know how to print something from any computer in the school to any printer in the school.

29

Here’s what you do:

Get one of those Black Box converters and hook it in between your computer’s modem and your digital phone line.

Dial in as you would at home to your regular ISP. (You may have to learn how to switch TCP/IP settings on-the-fly)

The company’s computers will not see your activity. Your only risk now is someone coming up behind you and staring at your screen and busting you.

30

What blocking software is your company using? If you are using a proxy filter like Smart Filter you can get around it with the following method. However, if you are using software such as Cyber Patrol which is not a proxy filter then it will not work. Check out http://www.peacefire.com to see whether the software you are using is a proxy software or not. If it is proxy software you can use this method to access the SDMB.

Step one: Check the filenames of the icons on your desktop to see if they have their file extensions showing. If you don’t know what a file extension is, it’s the part of the files title which tells the computer which application it should use to open it. For example a text file in Notepad, if saved to your desktop, should be called TEST.TXT. The .txt part. is the file extension. Similarly if you have a word document saved to your desktop it would be called TEST.DOC because the file extension for a word document is .DOC and for a program it is .EXE. Anyway, check to see if you can see the file extensions on the files saved to your desktop. If you can you can skip the next 3 steps. If you cannot see them it means that your system admins have rendered them invisible so you’ll have to make them visible again. To do this you must:
Step A: Open My Computer.

Step B: Click on View and then click on Options.

Step C: Once the options menu is open click on the View tab and check to see if the box labelled “Display the Full MD-DOS path in the title bar”. If it is ticked leave it alone. If it is not ticked, tick it and then click on Apply at the bottom of the menu. you have just unhidden the file extensions.

Once you’ve got the file extensions enabled you may continue.

Step 2: Open Notepad and copy and paste the following into it

IMPORTANT: MAKE SURE YOU CHANGE THE { } BRACKETS INTO < > BRACKETS WHEN YOU HAVE DONE THIS ELSE IT WON’T WORK. ALSO, IF YOU DECIDE TO TYPE THE URL YOURSELF MAKE SURE YOU DON’T MAKE ANY SPELLING MISTAKES ELSE IT WON’T WORK.

Save your notepad file onto your desktop and then click to rename it and rename the file extension from .TXT to .HTM. Then reopen the file and you should see a link to the straight dope. Click on it and it should take you there.

This method works because the site http://a1.g.akamaitech.net requests a copy of the straight dope for you and as such the blocking software doesn’t detect it because it will pick up akamaitech and not the straight dope and because akamaitech is not banned the cmoputer will let you see what’s on it and if you’ve followedt he above instructions carefully what will be on it is a copy of the straightdope

31

BTW - If you can’t access http://www.peacefire.com either because it is blocked then just post the name of your software here and I’ll find out for you.

32

And, of course, if you spend long enough going through anonymous sites you run an increased risk of someone checking more thoroughly to find out what on earth you’ve been up to. Security auditors know about anonymous sites and know what to look for; it may not be an everyday risk, but don’t be surprised if once a year someone checks.

33

If you are really insistent about getting around the company firewall, DataMike had a reasonably easy solution. There are a number of such “safe surfing” services, which have the obvious drawback that they will also eventually be placed on the “blocked” list.

You will notice that what those services do is parse the delivered content and rewrite the URL’s in all the links to be routed again through their site. For instance, the message board link http://boards.straightdope.com/sdmb becomes a link to safeweb with the “real” url as an argument, so that safeweb can simply fetch that page and process it for you, too.

The decimilization solution would work if you could perform similar URL rewriting on your delivered pages to change all the http://boards.straightdope.com links to decimilized addresses. As observed, the links on the delivered page still say “straightdope”.

There are some pitfalls with URL rewriting, BTW. If the URL’s are extremely unusual, it may confuse the parsing and screw up the links. I have seen this recently with content in which all the actions on links are heavily javascripted, so that rather than going somewhere directly, every click on the page performed some sort of javascript-based processing first. URL rewriting usually makes a total hash of that, of course. (the context I’ve seen this in is working with app servers that try to handle session control this way when working with a browser that won’t honor cookies - the rewriting is used to insert the session identifier in all the URL’s pointing back into the server site).

If I were writing a “corporate nanny” firewall, I think I would have an option to try to parse outgoing URL’s for other URL’s embedded in the arguments or POST fields, and block on that basis as well, so people couldn’t relay through something like safeweb. Maybe they do.

Which leads to an idle thought I just had. If corporate blockers can be circumvented by routine URL translation like this, I could write a very annoying (from their point of view) utility which would be installed as an HTTP proxy on your machine, and would simply perform URL rewriting as desired. On windows systems, make it manifest as a system tray app, and allow you to interactively add locations to be rendered in alternate forms, such as turned into IP’s, decimilized as discussed, embedded in some other syntax, or converted into a different site. Or, for that matter, simply ignored or turned into some local reference, so you could get the benefit of stripping out ad banners through the same tool. I’ve got a “filtration” proxy like this I developed and was thinking of commercializing for different purposes a couple years ago… hmmmm …

34

One could try this. If you own a laptop, and are allowed ( and are willing ) to bring it to work, you can do the following.
You can use a wonderful little box called a Linestein. It is an interface box between your digital PBX- type phone system and your laptop. The Linestein decodes the office phone system’s PBX Coding, and delivers a straight analog line to you. It’s a tiny box, and can be either ac/dc powered or battery powered. It’s NOT phone theft, you are still dialing into your office telephone normally. It simply reads and memorizes, and decodes the coding for your particular office phone system. I mention this because A) Illegal activities are not allowed to be promoted here, and this device is not banned, and B) Office managers would be all over users, and I don’t wish to make anyone’s life miserable. The device , and I quote the manual, " …complies with Part 68 of the FCC Rules. It is tested to Comply with FCC Part 15 Class B. For home or office use". It is in no way an underground or illegal device.

I’ve used it all over the United States, and only had trouble twice. Both times, my shoulder bag had been dropped. The laptop was fine ( thank god ) but the Linestein lost it’s programming. It is re-programmable OVER the telephone, by HelloDirect, the maker.

I don’t work for them, I’m just a really amazed happy customer here, offering yet another way to get to the SDMB while at work. You could leave up some other page of office work, minimized and ready to show while you surf the Dope Boards.

Cartooniverse

35

** Frown**. That link worked right to the Linestein page when I created it, now it lands you on the Hello Direct Home Page. Sorry :frowning: Just type in Linestein on the left hand product search area, and it will take you to that page.

Hmmmph.

Cartooniverse