Sunday, June 1, 2008

safest way to get around of internet restrictions

formerly, turk telekom was using a very simple way for internet restrictions. only in dns servers,  the address of original site was replaced with the address of the page where related court judgement is published. if you don't use turk telekom's dns servers, you'll be able to access forbidden sites.  

recently i realized that i can't reach the forbidden youtube in spite of not using turk telekom's dns servers. i guess turk telekom engineers got angry with the comments written on internet about how stupid they are that they can't even forbid a site in a proper way. they'd decided to cut the routes to the forbidden site finally (i can't really believe to the guys who writes these provocative messages, how can you think that a network engineer can be so stupid? i think it was just their goodness). 

anyway, with the latest restriction method, using a proxy server became a necessity to access forbidden sites. but using the first proxy address you've found on internet is a suicide. in this way, you're letting to a stranger to listen your internet traffic and you make yourself an easy target for "man in the middle" attacks.

if i were you, i wouldn't use any unknown dns or proxy server to get around of restrictions. nobody would want to increase their servers' traffic without a purpose, and most likely this purpose would be evil.

for now, the safest way to get around of these restrictions, seems like to use a socks v4 proxy that you would open via ssh on a server abroad if you have one and change your browsers' settings in order to use this proxy. 
# ssh -D 8080 user@hostabroad

above command will open a channel on 8080 port that will be used as an socks v4 proxy. for example, in firefox, if you change your settings to use "localhost:8080" proxy server as you can see below (from Preferences-Advanced tab, in connection settings);

all the traffic of your firefox would be streamed through the "hostabroad" server. so, the rules of your local internet supplier wouldn't be important for you, you can surf on internet within the borders determined by "hostabroad" server's internet supplier now.

unfortunately, because of the mentality that wants my beautiful country to become an iran, it seems, it'll be a necessity to rent a server abroad to surf on internet without trouble.