Slashdot Mirror
Firewall Traversal for Macs?
TexTex asks: "I find myself lacking in many of the joys of the internet while at work, largely because of a particularly effective firewall. While it works great at keeping stuff out, it also keeps me in. FTP and HTTP proxies are the only available exit (no SOCKS). Also, I'm using a Mac so firewall support on many of the apps are not as flexible as I'd like. Napster, Gntuella, and Quicktime streams are unavailable (not to mention all those swell Yahoo internet games). Any ideas how a lone Mac user can escape from the inside?"
ZD's Firewalls Alternatip might be useful. Hope this helps.
Does everybody else have access out? Is this one of those MSProxy's? If other people don't have access out, then I'm afraid I can't help simply because of the fact that you are on an equal plane as everyone else. But, if it is an MSProxy, you can install the proxy client for the mac. You will be able to have almost seemless internet access.
I don't know much about a Mac's networking ablities but isn't there a header that will allow you to access the outside through HTTP even if it's not a HTTP request? I forget what it was, maybe I'm thinking of something else even?
Failing that, how about PPP over HTTP? You could setup a server outside of the firewall and set PPP over POST requests. Could that not be done with a bit of hacking? If it cannot be done on the Mac could it be done in Linux? You could always install Linux on your computer.
Like I said I don't know much about the TCP/IP stack on the Mac or Linux, for that matter, so this might not even be possible.
At least, version 4.1 can. In the transport section of the QT cpanel you can tell it to use TCP port 80 (HTTP),instead of the usual UDP 5970-5999 (RTSP). If you need QT 4.1, go to http://www.apple.com/quicktime/download/support/ to get the stand-alone installer instead of the annoying internet-based installer. (It's about 8M)
;-)
For other means of getting through, you could ask around for a shell account that you can connect to via port 80. (Preferably with SSH.)
Boy, I would sure love to be hired to play Yahoo games and trade MP3s all day. Wait, you mean that's not what you've been hired to do?
Any sufficiently advanced civilization is indistinguishable from Gods.
Why the hell was this moderated down? It's a valid point.
.iMMersE
codegolf.com - smaller *is* better.
I dont know about the mac.. but doesn't the napster client allow u to select a data port?
wonder if u could just set that to 80 and have things work... worth a shot
As I see it you have four choices:
I don't read ACs: If a post isn't worth so much as a nom de plume to its author then I wont bother either.
I work at a company where we keep the firewall pretty tight (and we just loosened it to allow outbound telnet - something I thought I'd never see) as well as take other security issues in mind (we consider running non-standard/non-supported software a security risk). Have you consulted your company's Internet usage guideline? I know for a fact our specificaly limits all non-work related computer use to surfing the web during lunch and nothing else is permitted. You might want to consider that someone put that firewall there so you can't do these activities for a reason - they don't want you to. Now, I'm the first person to complain about these rules, but it's not my job to stand up and get my head cut off I just enforce policy and go home. They own the machines, the CAT5, the routers, and pay for the Internet hookup. Like it or not, they have the right to say what you can and can not do with their property. Don't like it - quit - it's a lot nicer than getting fired...
Wheeeee
it wasn't moderated down
AC posts start at 0
if it were moderated down, it'd be at -1
*smacks you*
Need a Catering Connection
OK, OK, I'm a dick!
.iMMersE
codegolf.com - smaller *is* better.