How to bypass the Censoring Proxy using SSH method

How to bypass the Censoring Proxy using SSH method. (For the Dumbos)

About this writing.

This is meant for people with just working knowledge of computers and Internet. If you are an expert you will get a feeling that I am challenging your intelligence by being so descriptive. [minimal editorial comments by wayne - clearly labelled in square brackets and preceded by wayne:]

I am not an expert on this, this is just a what-I-did kind of narrative. If you have any questions, you may try asking Proxy methods or Email them or Wayne or Email Wayne

This narrative describe how I bypassed the censoring proxy in United Arab Emirates (Etisalat). What worked for me may not work with your ISP. The full credit goes to Wayne for teaching me.

This report assume you have Win95/98 and Internet Explorer version 5 (IE5) . The basics may work on other operative systems, but you may need to alter certain instructions here to meet your condition. Even if you are using a different browser, you should be able to do this, but again you must modify the ‘Configuring your browser to use nether.net’ segment of this narrative to suit your browser.

You must have an account with local ISP (Etisalt in my case) and should be able to create a shell account externally. I shall describe how to create a free external shell account with nether.net in detail. You can also use other paid/free shell accounts which support ssh method. For any reason if you cannot get an account with nether.net, you will have to find a different shell account provider. If you use a different account, the Segment II need be altered to suit the situation. A list of shell account providers are here.

The Entire narrative have 4 parts:

Part I- Creating an External Shell Account with www.nether.net

Part II- Making ssh-R command run on nether.net

Part III- Configuring your browser to use nether.net

Part IV- Reasons you can fail and possible workarounds

Creating an External Shell Account with nether.net

Step 1- Get connected to your Internet Service Provider (ISP) or Internet.

Step 2- Click Start button of Windows, choose Run and type following at Open ‘telnet nether.net 23’ without the quotes (‘’) and press the ‘Enter’ key. For the rest of the narrative quotes should be typed only if asked to do so. The above instruction can also be expressed as:

Start>Run>Open type ‘telnet nether.net 23’ <Enter>

(Rest of the narrative will use this kind of syntax to describe commands in the Windows and Windows applications. ie. In Word, File>Open mean click ‘File’ menu and choose ‘Open’ option)

This will cause windows to open the Telnet application and Telnet will try to connect to nether.net on port 23. Do not let terms like port scare you. If everything is okay, you should get connected to nether.net and should have login prompt like this (It may take a while to appear, if their server is busy):

Kernel SunOS 5.6 Generic_105181-17 on a sun4d

Welcome to nether.net

New to the system? Login as newuser

Step 3 – Creating an account for you at nether.net.

Login giving newuser and you will be given a description of their service and the commands to be used while you are at nether.net. Note down the basic ones to let you type in information. What you should keep in mind is that what you type may take a while to get displayed on the screen, so be patient. Find some of the basic commands to navigate through nether.net, after you connect.

Control + H To delete a character you have typed

Control + C To cancel an operation.

Control + S To slow down the flow of text

Control + Q To bring the flow of text to normal.

Nether.net gives a very descriptive help how to set up an account. If you need a detailed description on how to open an account with nether.net click here. Otherwise you may follow the instructions on nether.net. Please keep in mind that you need to chose a ‘Bash’ shell when the you're asked to choose the type of shell. Once you have successfully logged in, you will have a bash prompt like this:

bash-2.03$

You will be entering the rest of the commands at nether.net at this bash prompt. We shall now proceed to learn how to do ssh –R on nether.net.

Making ssh-R command run on nether.net

Now that you have logged into nether.net, you have a bash shell, type the following at the bash shell. This command is case sensitive.

ssh -R 12340:194.85.132.86:3128 nether.net

Let me explain the components of this command.

ssh -R

This tells sshd on nether.net to listen for all incoming connections on port 12340 and forward them to the public proxy you have chosen. You need not bother with the meaning of this sentence.

12340

This is the port number you which you chose. I have used 12340 only because it worked for me. [wayne: I've changed 1234 to 12340 in this description because 1234 will get some into trouble sometimes]. This port number must be one that your ISP is not blocking. In fact your success on bypassing your ISP Proxy will depend on finding a port number that is not blocked by your ISP. You should find success with numbers from 10000 to 65535. Wayne also list many open ports.

proxy.spaceproxy.com [wayne: I've changed it from spaceproxy to 194.85.132.86:3128 above because spaceproxy has become extremely slow]

This is a public proxy server which will fetch the web site you will request. You may fail in your efforts if the proxy I have mentioned stop accepting public requests. The solution then is to use a different public proxy. There are many out there, and you can use them instead of the one I have mentioned. Here is a list of proxies available. You can check Wayne's web site for updates on available proxies. [wayne: there's a better up to date list at virtualave; there's a link on my site to this (somewhere!).]

8080

Is the port number of Etisalat proxy. If your ISP uses a different port, enter that instead. To find out your ISP proxy port number follow the step wherein I mention changing browser configuration.

nether.net --------

Changing the Browser (Internet Explorer 5) Configuration to use nether.net

Start Internet Explorer (IE5),

Choose ‘Tool’ menu

Choose ‘Internet options’

Click the ‘Connections’ tab.

In the ‘Dial-up’ section, choose ‘Settings’.

You will have a new dialog box. Here make sure 2 check boxes in the ‘Automatic configuration’ is unchecked

In the "proxy server’ section Check ‘Use a proxy server’

Click ‘Advanced’ near the Address box.

In the ‘Server’ section in the ‘HTTP’ box you may have Etisalat proxy name http://proxy1.emirates.net.ae here, delete it and enter nether.net

In the ‘Port’ give the Port number you had given earlier at nether.net while executing ssh –R command. If you are using Etisalat, you will find that the port number is 8080, change it to the one you have selected.

Leave all other boxes like ‘Secure’ ‘FTP’ etc. without any change.

Click OK to close all the open dialog boxes.

Now your browser is configured for use with nether.net and you can start browsing any site you wish to. You must make sure that you remain logged in to nether.net after executing ssh –R command to access the web sites. Once you are finished with browsing, you can logout from nether.net by typing ‘logout’ and you can close the Telnet application. You may change the proxy setting for your browser back to Etisalat proxy (or your ISP’s proxy), to access the web sites the normal way.

From now on if you need to bypass your proxy, get connected to nether.net, login using your user name and password and do ssh –R command. Then change your browser configuration to nether.net as above. You must make sure that the port number you enter in the browser is the same as the one you have decided to use at nether.net.

If you use other browsers, you must make sure the relevant changes to your type of browser is made there. In Netscape you must make sure that ‘Automatic configuration’ is disabled and you may have to set-up the new proxy setting from the ‘Manual proxy’ option. Previous versions of Internet Explorer have similar, but slightly different interface for changing proxy settings.

Anticipated problems and possible workarounds

Problem	Possible reasons	Workarounds
nether.net server is not accessible	The server may be busy, or it could be blocked by your ISP	Try again later. Make sure you are giving the correct command to Telnet. If everything fails, look for a different shell account provider
ssh –R command did not work	You may have typed the wrong syntax and/or You may have chosen a proxy which may not be accessible and/or the port number selected is not working for you.	Make sure the ssh –R command is exactly as it is given and you use upper/lower cases correctly. Try choosing a different public proxy. Try varying port numbers (the number just after ssh –R and not the proxy port number which should be the same for the same proxy address)
You can successfully execute ssh –R, but cannot browse to the desired sites.	You may not have configured the browser properly or the public proxy you have chosen is access controlled, meaning it is of no use to you. The port you have selected is blocked. Or you may have got logged out from nether.net	Make sure you follow the steps mentioned in changing the browser proxy setting correctly. Also make sure that you are disabling the auto configuration option. If needed use a different public proxy which allows full access, but you must again do ssh –R at nether.net with this new proxy name. If it is a problem with port number try using different ones, preferably numbers between 10000 to …. Verify you are still logged onto nether.net after doing ssh -R
You get error messages while browsing (like ‘You are not authorized to view this page)	The public proxy you have selected is censoring.	Change proxy and do ssh –R again with new proxy name.

List of open ports on for Etisalat (may have to update) borrowed from Waynes web page

UAE

blocked: 80, 81, 119, 443, 666, 800, 880, 1080, 3128, 7175, [8000-8003], [8080-8090], 8888, 10080, 20034

open: 21, 22, 23, 25, 82, 83, 88, 110, 1024, [3000-3005], 3010, 3020, 3100, 3129, 4000, 5150, 6080, 6532, 7000, 7036, 8100, 8501, [8800-8801], 9000, 9003, 9080, 9090, 9200, 9669

unknown: many more

A List of free shell account providers (Taken from Proxy Method web site)

Free shell accounts

http://www.jasper.force9.co.uk/Rphh/Shell/Index.html
http://www.arcwebserv.com/jumpsite/shell.html
http://caselogic.hypermart.net/ (some out of date info. Info on gcc, IRC bots, etc)
http://www.ultrashell.net/~allegro/eggdrop/shell_link.htm
http://snow.icestorm.com/mattcentral/freenetwork/freeshellacounts.htm
http://lgbt.net/freeshells/

Mentioned shell accounts that survived
a pinging test. (Not checked)

http://www.cm.nu/
http://www.calibre.org/cis
http://www.jugbone.cx/
http://9mm.com/
http://www.cyberspace.org/
http://shell.weirdo.net/
http://marmoset.dorx.net/
http://www.cyberspace.org/
http://www.ductape.net

List of Public Proxy (Taken from Wayne's web page)[wayne: These are old, virtualave has a better, up to date list all the time - I make no attempt to keep my list up to date - use the link to virtualave to find currently working, fast, proxies]

s2.optonline.net	8080
www.thefourthr-fw.com	8080
q.netunlimited.net	80 # access controlled
cache01.pathcom.com	8080
magusnet.com	(many ports)
sq.acomp.usf.edu	3128