Forum: Ruby Proxy Server

18e826065b94e779fc389c0d3c7ca2c3?d=identicon&s=25 James Parsons (james_parsons)
on 2013-09-19 16:00
I understand that all a proxy does is redirect net traffic, but I dont
see how one could be used to bypass web content filtering. I do plan to
write one, (and make money off of people in my school) and I would like
for someone to explain how a proxy could be used to do this, and mabye
suggest a good gem to work with in this project
C993c6aaffc6cf7b477a5075099e1d36?d=identicon&s=25 Peter Hickman (Guest)
on 2013-09-19 16:34
(Received via mailing list)
Why write one when you could just install one and configure it?

Try Googling for "open source proxy server"
C5e056d4888f81842e966ff308c03416?d=identicon&s=25 Jeremy Bopp (Guest)
on 2013-09-19 16:39
(Received via mailing list)
On 09/19/2013 09:00 AM, James Parsons wrote:
> I understand that all a proxy does is redirect net traffic, but I dont
> see how one could be used to bypass web content filtering. I do plan to
> write one, (and make money off of people in my school) and I would like
> for someone to explain how a proxy could be used to do this, and mabye
> suggest a good gem to work with in this project

First of all, there is no need to write your own proxy software for
this.  It's far more involved than you think, and there are plenty of
free implementations available for many platforms that will be more
performant and secure than what you're likely to produce yourself using
Ruby.

In order for any proxy to defeat a web content filter (which itself is
often a kind of proxy!), you have to be able to reach your proxy
/through/ the content filtering service.  In other words, your proxy
lives on the Internet at large, and if you can reach it from within a
secured network such as a corporate office or a school, it can allow you
to go anywhere you wish by providing a tunnel through which your true
requests are made.  However, a well-secured content filter is likely to
block your proxy service to begin with simply by disallowing certain
kinds of traffic to non-vetted hosts or by only allowing specific
non-proxy traffic (such as plain HTTP).

Assuming you find a way to circumvent the content filter at your school,
have you considered the ramifications of not only using that service
yourself but also selling access to it to others at your school?  The
administration will only need to hear about it from one person, and at
best your service will then be blocked explicitly.  You may also face
disciplinary repercussions or expulsion.

-Jeremy
E2cc2f0e2348266c536838e4e9f67a74?d=identicon&s=25 Eliezer Croitoru (Guest)
on 2013-09-20 01:57
(Received via mailing list)
On 09/19/2013 05:00 PM, James Parsons wrote:
> I understand that all a proxy does is redirect net traffic, but I dont
> see how one could be used to bypass web content filtering. I do plan to
> write one, (and make money off of people in my school) and I would like
> for someone to explain how a proxy could be used to do this, and mabye
> suggest a good gem to work with in this project
>
I will be more then happy to see this kind proxy pseudo code!
if you do get to the point that you have a pseudo code please share it.

Eliezer
42d29eed211f1752daa45c102e9f3bf5?d=identicon&s=25 Peter Wildemann (Guest)
on 2013-09-20 06:40
(Received via mailing list)
One can be used for bypassing websecurity if your server that is running
the proxy is not on a blacklist of your school. The whole thing
shouldn't even be that difficult, just some TCP/IT-Packet-Header
parsing.
By the way, a funny trick that works in my school for bypassing web
security is replacing 'http' with 'https' in URLs. So you may visit
'https://grooveshark.com' and: Here you are, Freedom! :)

Sinc. Peter Wildemann
E2cc2f0e2348266c536838e4e9f67a74?d=identicon&s=25 Eliezer Croitoru (Guest)
on 2013-09-23 00:52
(Received via mailing list)
Hey,

the thing in your school is a security hole and the admin should be
asked about it to make sure it will not happen.
The WWW is a very dangerous place for most of us.

Eliezer
Please log in before posting. Registration is free and takes only a minute.
Existing account

NEW: Do you have a Google/GoogleMail, Yahoo or Facebook account? No registration required!
Log in with Google account | Log in with Yahoo account | Log in with Facebook account
No account? Register here.