Netgear router site blocking question...

Discussion in 'Computer Security' started by Ed, Oct 11, 2005.

  1. Ed

    Ed Guest

    I'm interested to know why/how this happens. If I block any given site
    by putting it in the blocked sites bit of the router (which I did just
    to wind a friend up on our lan) how come its so easy to get round it by
    installing a program called JAP? I understand it runs a local proxy
    server but how can it manage to totally ignore what i tell the router to
    block since it passes through it anyway? Is it possible to stop this?

    Thanks!

    Ed
    Ed, Oct 11, 2005
    #1
    1. Advertising

  2. Ed

    Imhotep Guest

    Ed wrote:

    > I'm interested to know why/how this happens. If I block any given site
    > by putting it in the blocked sites bit of the router (which I did just
    > to wind a friend up on our lan) how come its so easy to get round it by
    > installing a program called JAP? I understand it runs a local proxy
    > server but how can it manage to totally ignore what i tell the router to
    > block since it passes through it anyway? Is it possible to stop this?
    >
    > Thanks!
    >
    > Ed


    I just did a quick google and it appears that this is basically an advanced
    proxy "cloud". Now the reason you can't block it is because you are
    blocking the destination when the JAP client is going to a proxy which then
    relays the packets back and forth between the client and destination. In
    other words the proxy is the "middleman". To effectively block the
    destination address you *also* have to block the JAP proxies....

    You have to be careful using this type of software in a enterprise
    environment as a good admin will check what software you have installed on
    your PC. This type of software *will* get you and escorted to the front
    door....

    Anyway, I hope that helps.
    Imhotep
    Imhotep, Oct 11, 2005
    #2
    1. Advertising

  3. Ed

    Ed Guest

    Imhotep wrote:

    > I just did a quick google and it appears that this is basically an advanced
    > proxy "cloud". Now the reason you can't block it is because you are
    > blocking the destination when the JAP client is going to a proxy which then
    > relays the packets back and forth between the client and destination. In
    > other words the proxy is the "middleman". To effectively block the
    > destination address you *also* have to block the JAP proxies....
    >
    > You have to be careful using this type of software in a enterprise
    > environment as a good admin will check what software you have installed on
    > your PC. This type of software *will* get you and escorted to the front
    > door....
    >
    > Anyway, I hope that helps.
    > Imhotep


    This is interesting thanks (It's actually a home LAN), so I would need
    to block all the JAP proxies in the router to stop JAP working? Is that
    even possible? I suspect there are lots and lots of IPs that the jap
    software may use. I'd quite like to get my own back as he got round what
    I blocked so easily and it would be highly amusing to do also hehe :)

    Thanks for the help.

    Ed
    Ed, Oct 11, 2005
    #3
  4. Ed <> wrote:

    > This is interesting thanks (It's actually a home LAN), so I would need
    > to block all the JAP proxies in the router to stop JAP working? Is
    > that even possible?


    The number of JAP nodes is rather limited. However, it's not only JAP
    you have to worry about - there are LOTS of open proxy servers out
    there that will do the same, even without installing local software. As
    long as the client PCs are allowed to connect directly to the Internet,
    you can't stop them bypassing the filters.

    > I suspect there are lots and lots of IPs that the jap software may use.


    Not really. Currently, JAP shows me 6 different chains, with 4 start
    points... but as mentioned above, you don't even need JAP.

    Google Web Accelerator will also bypass filters, as will calling up
    sites from the Google-Cache, as will "translating" them via Babelfish.


    Juergen Nieveler
    --
    I demand to be loved
    Juergen Nieveler, Oct 11, 2005
    #4
  5. Ed <> wrote:

    > I'm interested to know why/how this happens. If I block any given site
    > by putting it in the blocked sites bit of the router (which I did just
    > to wind a friend up on our lan) how come its so easy to get round it by
    > installing a program called JAP? I understand it runs a local proxy
    > server but how can it manage to totally ignore what i tell the router to
    > block since it passes through it anyway? Is it possible to stop this?


    Easy to explain: You send your browser requests to the local proxy
    (just like you explained above). The proxy then encrypts everything and
    sends it through an SSL tunnel to the first JAP-Mix. Your Netgear
    cannot block the requests because it doesn't actually see them. The
    Netgear only can see requests going to (for example)
    anon.inf.tu-dresden.de - but it cannot tell what those requests are
    about.

    To block JAP, or any other proxy system, you'd have to block the
    adresses of all the proxy servers - which would be rather difficult at
    best, if not impossible.

    Site blocking doesn't really make sense for home users - your kids will
    find ways to bypass the filters if they want to. Such filters are only
    really usefull if you've got full control over all clients and force
    them to use a central local proxy server (not allowing them direct
    connection to the Internet).

    Juergen Nieveler
    --
    If you find yourself in a fair fight you didn't plan your mission
    properly!
    Juergen Nieveler, Oct 11, 2005
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    9
    Views:
    4,627
    Query Builder
    Mar 3, 2005
  2. Replies:
    3
    Views:
    809
  3. poster
    Replies:
    1
    Views:
    562
  4. Dhruv

    stealth-blocking, isp blocking website

    Dhruv, Oct 25, 2004, in forum: Computer Security
    Replies:
    9
    Views:
    3,072
  5. Replies:
    12
    Views:
    1,840
Loading...

Share This Page