Learn it before you actually need it
Information - Communities - Tools - Do it yourself - See also
(eventually replace by Αναστασία's scissors)
- HerdictWeb by project of the Berkman Center for Internet & Society at Harvard University
- seeks to gain insight into what users around the world are experiencing in terms of web accessibility; or in other words, determine the herdict.
- Tor: anonymity online
- a global alliance dedicated to bringing the benefits of uncensored access to information to Internet users around the world.
- advanced proxy management tool that completely replaces Firefox's limited proxying capabilities. It automatically switches an internet connection across one or more proxy servers based on URL and IP patterns.
- PRQ OpenVPN tunnel solution
- Ipredator Idleworks 2009
- VyprVPN Golden Frog
- hadoPING offshore company with service entry-points in France, Germany, Iceland and Sweden
- Protocol bypassing (mainly used for open wifi networks)
- I2P Anonymous Network routing traffic through other peers, as shown in the following picture. All traffic is encrypted end-to-end.
- search privacy
- Vanish Enhancing the Privacy of the Web with Self-Destructing Data
- Off-the-Record Messaging (OTR) private conversations over instant messaging by providing Encryption, Authentication, Deniability, Perfect forward secrecy
- ProxyChains TCP and DNS through proxy server. HTTP and SOCKS
Do it yourself
Create an SSH tunnel (to read content)
You need first to rent the server in an Internet location (country but eventually backbone position) that has access to the resources you are intersted in.
- server side : create a new user without a shell or a home
- useradd -s "/usr/sbin/nologin" temporarytunnel
- passwd temporarytunnel
- client side : keep open a tunnel with a defined local port
- ssh firstname.lastname@example.org -D 3248 -N
- configure your clients to connect through the tunnel (thus the same port)
- for example in your browser proxy option select sock4 proxy pointing to 127.0.0.1 port 3248
- optionally configure your clients to use DNS through the tunnel tool
network.proxy.socks_remote_dns=true in Firefox
- connect to a web server with geolocalization (by IP) to check which connection you are actually using
See also SSH Tunnelling according to CircumventionTools and Wikipedia:Corkscrew (program) to run the connections over most HTTP and HTTPS proxy servers or my notes on Lighttpd (and Apache on setting up a forward proxy).
Provide a temporary SSH tunnel (to publish content)
GatewayPorts yes in /etc/ssh/sshd_config
- more details at Shell and with man:sshd
- from the machine you want to share content
ssh email@example.com -R server.tld:port:127.0.0.1:443 -N
- this will open a specific port on the remote server tunneling to your local machine on port 443 (http over SSL) and avoid requesting for a prompt
- check that is working
https://server.tld:port/ to people you trust
Note that you should consider
- dynamically change the port in a deterministic way (using timestamp, weather, a mix...)
- use locally a strict httpd policy (basically only allow 127.0.0.1 traffic)
- use an .htpasswd file else anybody which scans server.tld for open ports and find the https will be able to connect to it and crawl its content
- Monitoring which differs from censorship by analyzing the flow information
- Wikipedia:Propaganda_model#Ownership by Edward S. Herman and Noam Chomsky
- periodically attempt connect from the hidden/blocked machine to one of your public machine
- dyndns for a single point of connection + cron to periodically repeat
- Dot-p2p P2P as in Peer-2-Peer exchanged DNS data, NOT Filesharing!
- real-time messaging
- Derek Bambauer's Publications including several on internet law including censorship
- M-Lab (aka Measurement Lab) open platform for researchers to deploy Internet measurement tools. By enhancing Internet transparency, M-Lab helps sustain a healthy, innovative Internet.
- Respect My Net name and shame operators restricting access to the Internet