Risk
1/4/2011
10:23 AM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Top 3 Tools For Busting Through Firewalls

Can't access a Web site thanks to employer or government censorship? Fortunately, there's a host of tools and techniques that can help you slip through the blockade. Here's an in-depth look at three of the best.

Top 10 Security Stories Of 2010
(click image for larger view)
Slideshow: Top 10 Security Stories Of 2010

The Future: The Unending Arms Race

One important question that comes up in the wake of the use of proxies: how much trust can people place in any given proxy method? The very nature of proxies makes them tough to trust, and each incarnation I've looked at has different trust issues. It comes down to a tradeoff between decentralization and control.

A decentralized proxy network like Tor is harder to shut down, but it's also that much harder for the pedigree of any one part of the network to be verified. (At least Tor's creators are aware of this.)

A commercial service like Proxify in theory has more oversight over its own nodes, but it's an open question if they are that much more trustable by dint of being that much more centralized. Proxify's terms of service agreement is also very explicit that they provide the service as-is and entirely on their own terms -- something most anyone providing a proxy would want to spell out ahead of time to avoid legal entanglements.

The only truly trustable proxy would be one set up independently -- although with that, what you gain in personal control, you lose in resilience to outside attack, since one node is far easier to shut down than six hundred.

There seems little question that the struggle between censors and citizens will remain an arms race, with censorship worked around almost as quickly as it's put into place. The question remains: if such filters are so unreliable and so routinely dodged, why do governments or other groups bother to try blocking information at all?

The answer is simple: it's symbolic, not tactical. It's more about what forms of speech a given government or organization wants to show disfavor for, and not about actually preventing information from reaching people. In the long run, it's impossible to suppress any one piece of information completely -- but few people want to be seen as tacitly condoning things that aren't in their best interest, and so up go the firewalls.

Since it's unlikely those attitudes will change anytime soon -- especially in regimes like North Korea, where information control is the very lifeblood of the state -- the arms race will continue. And the growing sophistication of the services available out there only means there will be that many more ways to route around the damage.

SEE ALSO:

Workers Abusing Social Sites On Corporate Networks

IBM Adds Web App Firewall To IPS Appliances

Air Force Blocks Web Sites With WikiLeaks Content

Google Seeks Allies Against Censorship

Chinese iPhone 4 Forces Censored Maps

China Loses Web Filter Battle

Clinton Calls On Businesses To Support Internet Freedom

Previous
5 of 5
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
DenisL857
50%
50%
DenisL857,
User Rank: Apprentice
3/14/2014 | 8:06:39 PM
this really worcks yo have helped me get youtube back because my prents are sick of me watching kung fu panda and listening too dubstep
thancks again and do you have any other research sugjestions for hacking my firewall
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-4403
Published: 2015-04-24
Multiple cross-site request forgery (CSRF) vulnerabilities in Zen Cart 1.3.9h allow remote attackers to hijack the authentication of administrators for requests that (1) delete a product via a delete_product_confirm action to product.php or (2) disable a product via a setflag action to categories.ph...

CVE-2012-2930
Published: 2015-04-24
Multiple cross-site request forgery (CSRF) vulnerabilities in TinyWebGallery (TWG) before 1.8.8 allow remote attackers to hijack the authentication of administrators for requests that (1) add a user via an adduser action to admin/index.php or (2) conduct static PHP code injection attacks in .htusers...

CVE-2012-2932
Published: 2015-04-24
Multiple cross-site scripting (XSS) vulnerabilities in TinyWebGallery (TWG) before 1.8.8 allow remote attackers to inject arbitrary web script or HTML via the (1) selitems[] parameter in a copy, (2) chmod, or (3) arch action to admin/index.php or (4) searchitem parameter in a search action to admin/...

CVE-2012-5451
Published: 2015-04-24
Multiple stack-based buffer overflows in HttpUtils.dll in TVMOBiLi before 2.1.0.3974 allow remote attackers to cause a denial of service (tvMobiliService service crash) via a long string in a (1) GET or (2) HEAD request to TCP port 30888.

CVE-2015-0297
Published: 2015-04-24
Red Hat JBoss Operations Network 3.3.1 does not properly restrict access to certain APIs, which allows remote attackers to execute arbitrary Java methos via the (1) ServerInvokerServlet or (2) SchedulerService or (3) cause a denial of service (disk consumption) via the ContentManager.

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.