Dear Mr. Rawles
As a network administrator, I spend a fair amount of time making sure my end
users cannot access certain web sites from company computers and data lines.
I try
to make sure we don't get too draconian in our filtering practices, I do my
best to make sure that not streaming audio or video, social networking sites,
or other time killers make their way through the network.
Recently, a friend of mine told me about a tool called JanusVM,
a combination of Internet anonymity tools (TOR, PRIVoxy, Squid, and VPN) that
runs in a virtual
machine. You basically run the VM in a VMWare player, connect a VPN connection
from your PC to the VM, and open your web browser. Like a lot of anonymity
tools, it isn't very fast. It is, however, about as anonymous as you can get
on the internet. I went to a web site that displayed my current IP address
as well as your geographic location and found I was supposedly surfing from
Paris, France. One page reload later and I was in Northern California, and
then followed by Denmark, all without ever leaving my chair. According to the
web site's
very brief write up, the DNS requests are so scrambled that even your internet
service
provider can't tell where you're surfing. That made me wonder if I could use
this tool to get around my web filtering firewall as well. I tested my machine
to make sure I was blocked out by our firewall by trying to visit Facebook,
which is a big no no site around here. Sure enough, it's blocked. Then I closed
my web browser, established the VPN connection to the JanusVM, and re-launched
my web browser. Bullseye! I had Facebook access. Not only was I anonymous,
I'd also defeated my own web filtering software and firewall.
While this is a great tool, here are a few things to keep in mind.
1. I haven't tested it on any other system, so YMMV.
2. You need a network with at least one available IP address for the VM. It
can be an internal IP, but it still needs one. This keeps it from working with
Verizon broadband cards. If someone out there gets it to work with one, I'd
LOVE to hear about it!
3. Anonymity is not the same as privacy, or even security. Don't count on this
tool to protect your internet logins and passwords. Hackers have been known
to sniff incoming and outgoing traffic on TOR nodes for unencrypted passwords.
They may not know where they came from, but they can still read them. If they
can figure out where they were headed, you're in trouble.
4. Your workplace or branch of the military may frown on anyone trying to circumvent
their firewalls and web filters, so use this information at your own risk.
- Some Call Me Tim
James,
A couple of notes about your post on [SurvivalBlog being blocked by the US
Navy and Marine Corps Internet system]:
* with varied duty hours and multiple shifts, there's no such thing as only
blocking during "duty hours".
* Anonymizers are just about the first thing blocked by any organization
that
filters net access. :)
* If you have scripting capability on a web host, CGI Proxy and PHP Proxy are
both good alternatives. Of course, they're going to be blocked, too...so you
still would have to find an unblocked site that has it or an alternate ISP long
enough to download the scripts. People also run services with these or other
types of scripts, but they come and go, and as mentioned previously, will most
often be blocked. You also never know who's running them.
* An alternate site works for a while, but it will eventually get blocked, too.
It also dilutes your "brand".
* The XML RSS
feed option is probably the best, as it doesn't rely on working around
the restrictions so obviously. I use Google Reader myself, through
which I can read web sites blocked by the corporate firewall. It cuts you off
from reading
comments, but that's not a problem with your site. Some may be concerned at Google
having too much information and choose some other feed reader, but I'm not too
concerned with it. [JWR Adds: To avoid trails
of "cookie crumbs", I've read that the best choices
are the Avant
Browser for PCs and the NewsFire
Reader for Macs.]
The feed option is good for current reading and keeping up, but for searching
on a topic or looking at items in a non-linear fashion a proxy of some sort is
a better, more flexible, yet more complicated option. Hope this helps. - Robert