Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tunneling Under the Great Firewall?

Posted by kdawson on from the tiptoeing-around-dragons dept.

An anonymous reader writes "I am traveling to China in the near future, and needless to say as a Slashdot reader I am going to require access to the Internet. The whole, unadulterated, unfiltered Internet. Also needless to say, I am very leery of the government there (my lack of a nickname on this submission being testament to that). I will only be there for a few weeks, and will not be using the computer for much of that time, so I don't want to shell out a lot of money to a VPN service. However I also don't want to be hindered by extremely slow speeds such as those provided by the Tor network. I have experience implementing Web servers and work fairly often with Linux; however, many of my friends who also face the same dilemma don't. What would be the most cost-effective (free is best) method for me to subvert the Great Firewall during my travels while maintaining sufficient anonymity and enjoying sufficient speed?"

6 of 403 comments (clear)

  1. SSH by Hatta · · Score: 5, Informative

    SSH tunneling with SSH -D is trivial to set up. Make sure you forward DNS with network.proxy.socks_remote_dns set to true if you're using Firefox.

    I think I read that SSH can even create a virtual network device that forwards all traffic over a tunnel. Haven't had time to play with that though. That would be a great solution for every app, even those that don't support SOCKS proxies.

    --
    Give me Classic Slashdot or give me death!
    1. Re:SSH by leuk_he · · Score: 4, Informative

      Yup.

      -Setup a ssh server outside of china, always on. for windows use some port like copsshd.
      -Set ip up at an alternate port (not 22, use 443), it will obfuscate it a little bit.

      In china run ssh client, putty can do this, tunnelier has some more options
      https://calomel.org/firefox_ssh_proxy.html
      Then use proxy options of firefox to send traffic over this proxy. Be careful no to leak too much dns info.

  2. Re:Really? by flippy10 · · Score: 5, Informative

    http://en.wikipedia.org/wiki/List_of_websites_blocked_in_the_People's_Republic_of_China Those definitely all sound like sites chock full of state secrets.

  3. Re:Fear by grub · · Score: 5, Informative


    Besides, the Chinese and Asian in general are quite relaxed people.

    It isn't the general population causing the VPN problems we have with people travelling in China, it's the government.

    --
    Trolling is a art,
  4. Re:Is ssh blocked? by DoctorNathaniel · · Score: 4, Informative

    I have done this from Beijing and it worked the week I was there.

    FoxyProxy is a nice add-on to use for this, since it allows you to either whitelist specific sites for use through the proxy, or to simply switch back and forth to the proxy as you need.

  5. Re:Good luck! by Cimexus · · Score: 5, Informative

    Yep, mod parent up.

    Even better, make one yourself. Grab an old box you have lying around, whack a copy of Ubuntu on it (or other Linux distro of your choice), enable SSH server and leave it running on your net connection at home. Then using PuTTY or whatever on your laptop you're taking to China, make SOCKS proxy/SSL tunnel to your home box and you are good to go.

    Free software and simple to do. Speeds are limited by the speed of your connection in China, and obviously the upstream speed of your net connection back home. But should be enough for basic browsing.