HowTo: Browse LFGSS securely
 

Most work places have a proxy through which all computers in your workplace connect to get to the internet.

It is trivial for them to log the traffic through that proxy and to see which computers and logins in the workplace generate which traffic. This means that you should always assume that your workplace knows where you surf unless you truly know they are not doing this (i.e. you're self-employed and have set up no such thing).

The key to not being caught surfing at work is to keep your usage down or stick to browsing at lunchtime when you could reasonably argue that you were doing so in your time.

Of course, failing that the key is not to show up in their computer generated reports.

How not to show up in reports that are compiled against traffic usage:
1) Use a secure connection, as these are never cached or logged.
2) Use an IP address and HOSTS entry so that the site isn't identifiable from the log files.

#1, you can use this secure URL to access the one URL. Note that the certificate is self-signed, which means I made it up... it's still secure but because I didn't pay Verisign it may give you warnings... just click OK or Accept or whatever and it's all cool... your connection will be encrypted and no access will be logged by your workplace.

https: //www.londonfgss.com/

#2 Put the following in your hosts file:

209.20.64.92 www.londonfgss.com css.londonfgss.com static.londonfgss.com js.londonfgss.com londonfgss.com

Now when you enter www.londonfgss.com your local computer resolves the DNS using your hosts file and only the IP address gets logged by your firewall. And if someone visited the IP address they wouldn't get this site (try it, your browser has to know about the domain name as well as the IP address).

So those are the two methods I've provided to make sure you lot don't get caught being productive on here, unproductive at work. If you get caught and sacked or whatever... it's firmly your own fault ;)

For #3 would I just copy and paste "67.207.134.180 www.londonfgss.com css.londonfgss.com static.londonfgss.com js.londonfgss.com londonfgss.com" into the host file and hit save?

Is there anything else I'd need to do?

I work by myself from home so that makes life very much easier.

But occasionally if I think my girlfriend might come home and catch me looking at bike websites I always have a full screen browser page with hardcore porn ready to bring to the front to hide 'londonfgss'.

Nope, that's it.

Once copied it, give it 10 minutes, and when you run your browser it will be looking at the changes in your hosts file and will send the IP address over the wire and not the domain name... so in the logs you'll be fine.

I personally think the very best tactic is #2, the https route. The only downside is that as nothing (not even your browser) will log or cache that access, the site will be fractionally slower as it has to fetch everything for every page, including that header logo and all of the javascript and css.

I've already added three to my host file but on your recommendation I'll use the https method ;]

Thanks for the sneaky tips

this is great advise. thanks vb.

about 2yrs ago, my old company's HR did a random check on staff. i came up on top (out of about 300?) for the two days they did the check...and that was before lfgss.com! anyway, got a slap on the wrist...didnt give a sht anyway as i was couple of mths away from leavin the company at that point. but it was very very embarassing.

iPhone over Edge™ people !

That's genius ! :)

Unfortunately for me, the only option that works here is #1.

Even the PC's are protected, meaning you need to be an administrator to change anything, which includes changing the bloody date or time!

As for the above site, I even get this friendly warning:

Ha! we have a blue coat here at work ...suppose I should get round to installing it.. but I dont care what people look at tbh, a company I used to work for if you typed in any job sites it referred you to a page saying "We dont want to lose you please come and have a chat with HR"

Sam

Dose n.o 2 not work?

You could always try and get yourself a and then use http://kimmo.suominen.com/docs/proxy-through-ssh/ method

if you have firefox you can use preferences to alter the proxy info.


http://anonymouse.org/ Is another thing like hael's link. Depends if the nanny software knows about it.

Hi Tommy

That doesn't work either, as we cannot access our Internet options!! It's fucking shit here! For now I'll just keep using one of the other website addresses until that's blocked, then move onto the next one. Since the original .com address was blocked it has been fine using the .co.uk one to be honest.

The anonymouse site is also blocked BTW. Gah!

www.proxy.org - it's a list of thousands of proxy sites. One of them will work ;]

yes, but proxy.org is blocked...

sigh... you just need to be nice to your IT ppl... we all like briberies, particularly the ones containing chocolate ;)

hahah thats what i do also

Well, for the people working at home, I've split the traffic over two different sub-domains so that more http connections to the server above the maximium of 4 can be in use and the pages go faster. You guys needn't do anything, it should just work faster by default.

why thank you kindly :)
can you make my sewing machine faster as well?

Might have to start using some of these for when i'm browsing at work :)

general computer question for you vb... I'm connected to my uni's network through my halls, so when I access a site through a secure connection is the data encrypted from my computer to the server of the web site, or only between my network's server and then the web site's server?

Not for lfgss - nothing is blocked on our network at all, we allegedly only get monitored if we download >5gb a day (it is verrrry fast) - something else.

If you are connected to any SSL/https/SSH service, then your data is encrypted between your application (the browser/SSH terminal or whatever) and the end server that you are talking to.

No-one is able to read the contents of the communication.

However, it is possible that they can read the URL and headers of the original request for the communication. For this reason most services will set up the secure connection prior to asking for a password or giving out any private data.

Because of the probability that a secure communication will contain private data, even though your browser could cache the unencrypted version it displays to you... the default is that browsers will never cache or store any copy of anything sent over SSL.

Following on from that, if you've ordered gig tickets online and been told to print and page and didn't, and then clicked back in your browser... this is why the page no longer exists. Secure pages aren't stored and your browser has nothing to go back to.

Burn him! Hes a Witch with his interwebs voodoo! ;)

ok, cool. cheers vb

I am in charge of the IT at our work and my boss came in to do a random check on ebay, facebook etc. and he apologised to me if it became embarassing for me as I may be in the report.

Well lets just say none of the reports had anything bad to say about me!!

I completely bypass the filtering / logging system and have totally unfiltered internet access at work, it's good to know more than your boss sometimes.

In a previous job, I had to check the filters in a small company. One day they were filled with loads of adult sites, I took a copy of the logs and reported it to my boss without actually working out who it was. We then sat at his computer and looked into who had done it and it turned out to be him, lets just say I got promoted and a pay rise quickly after that ;-)

heh... isn't it good to work in IT!
we don't bother with logs much either unless we suspect someone is up to no good. it would be a massive waste of our gaming time if we were to check what everyone does all the time.

Me and a mate got pinged at work. It's was google mail's chat feature. They'd blocked it but gmail sat there polling away every few seconds or whatever.. so without even knowing we filled up isec teams logs. Ha!

is there a way to do the whole g chat thing with out geting cought?

Access gmail via https:// and use the built-in ajax chat

thank you techno-which.

Add http:// www.fakenger.co.uk/ to the list of spoof URL's that will help you avoid detection at work.

Thanks to Moving Target today for the inspiration for that domain name.

Just another helper for whiling away those boring days without getting caught:

I've been using ghostzilla for browsing for about a year. It's not bang up to date, but for what I use it for (this forum) it's ideal.
Features:
* Tabbed browsing
* All but tiny images remain hidden until you move the mouse over them.
* All content can appear in shades of grey, including images. Colours are customizable.
* Browser runs invisibly until you move mouse <left-right-left> across the screen area, it then pops up frameless and sits on top of your currently open application, say Word, Excel, or whatever. It just looks like you're editing a document.
* Move mouse outside window and the browser is hidden - your current application is already open on top of your display and at the right place should anyone wander past your desk.
* All browsing history + bookmarks is kept separate from your regular browser.

Ghostzilla is not totally invisible but is way less obvious. Other measures suggested by VB above should still be used too.

Just search with Google for "ghostzilla".

----

I use Ghostzilla + the following for a bit more anonimity:
* "ssh" to compress and encrypt my internet connections. It creates a tunnel through works firewall via my home broadband to a proxy server at home.
* "ntlm-aps" (python script) for spoofing Windows network authentication.
* some custom code for switching which proxy my browser(s) use.
* custom code for adjusting connection options for keeping alive the ssh connection.

Sounds like a lot of hassle. Why not do some bloody work?! ;)

The Ghostzilla bit isn't much hassle. Plus it's fun (in a geeky kind of way) to get these things to work, and "stick it to the man", as they say :)

I like to be in control in my own little way. <sly grin>

Course, best way to 'stick it to the man' is not to work for him.

:)

I love the way it blends into other apps you are using. Shame I can't actually see any websites in the thing though.

It's not good with Flash and poor with Java. I've never been able to get extensions to work well.

We're only on the one domain now, but thanks to T-shirt money I've just purchased a really strong SSL certificate.

So those of you using the https version of the site should find that you now have 2 years of effortless work safe browsing.

I've also made a change so that the JavaScript libraries are served from this site rather than the author website (Yahoo.com) so that you get the little padlock showing that the site is secure.

However, to be 100% secure you will need to disable image viewing in your UserCp, as a lot of images are hosted on external sites and will still show in the firewall logs.

VB, disaster has struck, work has finally blocked the site.... My life is now officially over :(

Tried all the above but nope, nothing, I haven't got a clue how they have done it... any new ideas for accessing the site without having to use my fecking phone???

:(

http://webwarper.net/

try that

And i'm BACK!!! Mwwwoooaaahahahahahahahahah :)

Top one, that's Gp!

Bloody bastards can't switch us off that easily.....

u might have some issues with viewing images but apart from that it should be fine.

another good trick for unrestricted access is to in stall the logmein.com software on your home computer and leave it tunred on then access your home pc through that site for all your browsing pleasure.

V.B. - I can't access this site at all at work.... Is it possible to detect "forum" sites?
I type in our website address and it fucks me over with "ACCESS DENIED"
Can i use your methods above to overcome it?
Cheers mate.

have you tried the https version of the site?

What he said.

[Posted by 80.176.179.74 via http://algart.net/ww This is added while posting a message to avoid misuse.
Try: http://webwarper.net/webwarper.exe Example of viewing: http://webwarper.net/ww/~av/www.lond...hread3263.html ]

Hey Tommy/VB, you mean this one - http://www.lfgss.com/ ?

If so that doesnt work for me and this webwarper program, although handy, won't let me create new threads (not such a bad thing ay...;) and also puts adverts at the bottom of my replies... i've sussed out that if I delete and click quickly enough I can avoid them but I can't carry on like this :(

Any other ideas?

you see!!!!! what the feck is all that nonsense below????

[Posted by 80.176.179.74 via http://algart.net/ww This is added while posting a message to avoid misuse.
Try: http://webwarper.net/webwarper.exe Example of viewing: http://webwarper.net/ww/~av/www.lond...4&stripquote=1 ]

this one tobes

Hey H, sorry webwarper changed my link to http, it was originally https.... which doesn't work :(

... and delete and hit post velly quickly...

Have you tried your social engineering skills? you might find the IT janitor will roll over for beer and cookies :D