My college has Cyberoam firewall installed and its a very tough firewall. Just a question running through my mind is, how it can't block ping requests.
Is it possible to block ping from firewall or windows configuration?
When we try to open facebook or youtube, it blocks them, but you can ping them.
How ping works? It sends ICMP packets to the sites but it requires their IP to contact them. How ping can be used even when firewall has blocked the sites...
Ping and Firewall
-
z3r0aCc3Ss
- Fame ! Where are the chicks?!
- Posts: 700
- Joined: 23 Jun 2009, 16:00
- 14
- Contact:
Ping and Firewall
Beta tester for major RATs, all kinds of stealers and keyloggers.
Learning NMAP
Learning NMAP
Re: Ping and Firewall
the firewall blocks protocol - so while you can contact the IP/webserver - and get its response, the firewall blocks the HTTP traffic from the IP/webserver.
This is why HTTPS or Telnet can bypass some firewalls.
Some firewalls block IP or content based on word search on the page. This does not sound like it yet. Try HTTPS (suck-o offers HTTPS for this very reason)
You can telnet to a HTTP port and get its raw HTML response.
DNR
This is why HTTPS or Telnet can bypass some firewalls.
Some firewalls block IP or content based on word search on the page. This does not sound like it yet. Try HTTPS (suck-o offers HTTPS for this very reason)
You can telnet to a HTTP port and get its raw HTML response.
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
Re: Ping and Firewall
yea they got the shiznit -
"Cyberoam UTM appliances integrate multiple security features like Firewall, VPN, Intrusion Prevention System, Anti-Virus & Anti-Spyware, Anti-Spam, Web Filtering, Layer 7 Visibility & Control, Bandwidth Management, Multiple Link Management, and more on a single platform. Extensible Security Architecture along with multicore processors enable it to offer future-ready security and faster throughput"
Hardware and software firewall, aint that a bitch.
Whats the wifi look like for the area you want to connect in?
DNR
"Cyberoam UTM appliances integrate multiple security features like Firewall, VPN, Intrusion Prevention System, Anti-Virus & Anti-Spyware, Anti-Spam, Web Filtering, Layer 7 Visibility & Control, Bandwidth Management, Multiple Link Management, and more on a single platform. Extensible Security Architecture along with multicore processors enable it to offer future-ready security and faster throughput"
Hardware and software firewall, aint that a bitch.
Whats the wifi look like for the area you want to connect in?
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
Re: Ping and Firewall
Some other tips:
Servers that block based on URL are usually subscription based - as the list of sites to block can be quite long to compile and needs to be updated. Some companies do not keep up the subscription, so newer sites might be accessible, or new variations of the old site ie suck-o.biz.
Servers can blacklist entire countries, based on IP blocks. You can try hopping to a server/IP that can retrieve the blocked URL for you, like a proxy, but firewalls blacklist proxies or their port numbers for this reason. See LAN settings in the browser or machine - set IP and port for proxy, just print out a list of proxies you downloaded at home. Newer proxies work as blacklist sites have not caught them yet.
Wifi - can be connected improperly to the network, bypassing the firewall to access the internet. Wifi leaking from other sources than 'public' access might have escalated privileges that bypass the firewall too - example wifi leaking from the admin offices could be accessed in the student library. Sniff wifi signals and attempt to associate.
My previous job had Websense, it blocked Suck-o as "Computer Crime" lol - but I could access it via HTTPS https://www.suck-o.com" onclick="window.open(this.href);return false;" onclick="window.open(this.href);return false;
Now - one last tip -
You may have signed a "Internet and electronic use policy" This is a contract you sign as a student or customer of an internet access, it basically says that any attempts to bypass security will revoke your priviledges. I know for fact that colleges do spend a fair amount of time monitoring and reporting students that use the college network inappropriately. They can kick you out of college. This can also apply at work. Every pager, phone, laptop, or computer you use for work, can be monitored by them. Never use a work computer or phone for business you don't want your boss to know.
At my last job, it took a few months before they found I was using HTTPS to access a site blocked by their HTTP. I did get a visit from the boss, who got a report from the IT dept. Websense can print out all the web access, and how long you spent on the site, for each network segment - it made it easy to detect which office is surfing too much.
While I was not a bad offender at work surfing, the boss was all FUD over the suck-o "Computer Crime" label Websense gave it.
Glad I left that place, We don't need the Wall....
DNR
Servers that block based on URL are usually subscription based - as the list of sites to block can be quite long to compile and needs to be updated. Some companies do not keep up the subscription, so newer sites might be accessible, or new variations of the old site ie suck-o.biz.
Servers can blacklist entire countries, based on IP blocks. You can try hopping to a server/IP that can retrieve the blocked URL for you, like a proxy, but firewalls blacklist proxies or their port numbers for this reason. See LAN settings in the browser or machine - set IP and port for proxy, just print out a list of proxies you downloaded at home. Newer proxies work as blacklist sites have not caught them yet.
Wifi - can be connected improperly to the network, bypassing the firewall to access the internet. Wifi leaking from other sources than 'public' access might have escalated privileges that bypass the firewall too - example wifi leaking from the admin offices could be accessed in the student library. Sniff wifi signals and attempt to associate.
My previous job had Websense, it blocked Suck-o as "Computer Crime" lol - but I could access it via HTTPS https://www.suck-o.com" onclick="window.open(this.href);return false;" onclick="window.open(this.href);return false;
Now - one last tip -
You may have signed a "Internet and electronic use policy" This is a contract you sign as a student or customer of an internet access, it basically says that any attempts to bypass security will revoke your priviledges. I know for fact that colleges do spend a fair amount of time monitoring and reporting students that use the college network inappropriately. They can kick you out of college. This can also apply at work. Every pager, phone, laptop, or computer you use for work, can be monitored by them. Never use a work computer or phone for business you don't want your boss to know.
At my last job, it took a few months before they found I was using HTTPS to access a site blocked by their HTTP. I did get a visit from the boss, who got a report from the IT dept. Websense can print out all the web access, and how long you spent on the site, for each network segment - it made it easy to detect which office is surfing too much.
While I was not a bad offender at work surfing, the boss was all FUD over the suck-o "Computer Crime" label Websense gave it.
Glad I left that place, We don't need the Wall....
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
-
bad_brain
- Site Owner
- Posts: 11636
- Joined: 06 Apr 2005, 16:00
- 19
- Location: In your eye floaters.
- Contact:
Re: Ping and Firewall
yeup, a website runs through the HTTP protocol, while ping is ICMP.
have a look here to check the different package types you can send via ICMP ("echo request", which is the actual name of "ping" is just one of them):
http://en.wikipedia.org/wiki/Internet_C ... e_Protocol" onclick="window.open(this.href);return false;
nowadays many hosts block ICMP completely btw, because some types can be abused like the "source quench" type.
have a look here to check the different package types you can send via ICMP ("echo request", which is the actual name of "ping" is just one of them):
http://en.wikipedia.org/wiki/Internet_C ... e_Protocol" onclick="window.open(this.href);return false;
nowadays many hosts block ICMP completely btw, because some types can be abused like the "source quench" type.
Re: Ping and Firewall
Hey you might want to look at this project 
http://www.cs.uit.no/~daniels/PingTunnel/
there is a windows version also just google pTunnel Windows
*cheers
Maboroshi
http://www.cs.uit.no/~daniels/PingTunnel/
there is a windows version also just google pTunnel Windows
*cheers
Maboroshi