Now some companies may have restrictions on the internal network, for example, some audio and video sites can not be opened, like this

Or something like this

It’s absolutely amazing! But sometimes I just want to listen to music and work at the same time. What about that?

Answer: can use mobile phone to listen to a song, can helpless I flow carry not to live!! 😭

How was it sealed off?

The main techniques and forms of blockade

Ports and IP addresses are blocked
- Because the default port to access the site is 80, access is blocked;
- IP blocking is the list mentioned above. Access to this IP address is blocked if it is detected.
DNS domain name hijacking
- Before sending a request for a domain name, you need to query the corresponding IP address through the DNS service.
- The ** mechanism can return the wrong IP address when you query;
Packet filtering by keyword
- After knowing the IP address, the system initiates HTTP requests, and intercepts the request if it contains blocking keywords.
Traffic monitoring
- Detection of flow direction and frequency;

countermeasures

Proxy server (forwarding data with foreign host)
- Use a broader approach, using a normal server to relay requests;
Data encryption (with encryption software)
- So that the ** mechanism cannot detect the requested content;
Use a secure VPN connection
- Establish a dedicated network channel between the requester and the receiver;

If the proxy server to solve

If you just need to bypass the company network restrictions to listen to music or watch videos, do not need scientific Internet access, and you happen to have a cloud server, the following SAO operation should be able to meet your needs ~

SSH Tunnel (Port Forwarding)

Start with SSH dynamic port forwarding, which allows you to create a socket on your local (SSH client) machine that acts as a SOCKS proxy server. When the client connects to this port, the connection is forwarded to the remote (SSH server) machine, which is then forwarded to the dynamic port on the target machine. The command line is as follows:

ssh -D [LOCAL_IP:]LOCAL_PORT [USER@]SSH_SERVER
Copy the code

In Windows, you can use Xshell and Finalshell to create an SSH connection. Then, set the tunnel in the Settings, select socks5, and set the listening port. The default port is 1080 and the address is 127.0.0.1

Here’s my example of finalshell:

Don’t forget to make sure the connection is open when you use it

SwitchyOmega (Browser proxy)

If you need to access music sites through your browser (and video sites should do the same), just install SwitchyOmega and do the following

Then you should be able to access music sites normally

Client HTTP proxy

The music website always has many restrictions, many songs can not listen ~, we can directly set up the client proxy, so that you can directly use the client to listen to the songs.

So there is a small problem at this time, we build through SSH dynamic port forwarding is SOcks5 proxy, and general clients are using HTTP proxy, how to do?

Don’t panic! There are many methods, I found a small program socks5toHttp on the Internet, it can realize the SOcks5 proxy service into HTTP proxy service, see readme.txt for specific use, the effect is as follows:

Of course, you can also use other programs to implement socks5 proxy service to convert HTTP proxy service, such as

Github.com/cyfdecyf/co…
Blogtt. Readthedocs. IO/en/latest/t…

Ensure that the program has been run before use

After the conversion, we can directly configure the corresponding HTTP proxy in the client ~, take QQ music client as an example

Port Set the HTTP proxy port after the translation. The IP address is 127.0.0.1

This is done, if you are in the client configuration proxy, then with your scientific Internet access is basic conflict, both can exist at the same time

Extend the learning

Finally, how can we not expand our knowledge? Since the use of SSH proxy, it is natural to understand, is the so-called know what it is know why, relevant links to bring you ~

Play SSH port forwarding
What is the difference between HTTP and SOCKS proxies?

Refer to the link

Some of the content is referenced from the following article

Bypassing the gatekeeper and sneaking out to surf the Internet

mo4tech.com (Moment For Technology) is a global community with thousands techies from across the global hang out!Passionate technologists, be it gadget freaks, tech enthusiasts, coders, technopreneurs, or CIOs, you would find them all here.

SAO operation to bypass the Intranet restrictions to listen to songs

How was it sealed off?

The main techniques and forms of blockade

countermeasures

If the proxy server to solve

SSH Tunnel (Port Forwarding)

SwitchyOmega (Browser proxy)

Client HTTP proxy

Extend the learning

Refer to the link

SAO operation to bypass the Intranet restrictions to listen to songs

How was it sealed off?

The main techniques and forms of blockade

countermeasures

If the proxy server to solve

SSH Tunnel (Port Forwarding)

SwitchyOmega (Browser proxy)

Client HTTP proxy

Extend the learning

Refer to the link

Related Posts

MySQL(2

What level of programmer are you?

Completely solve the distributed transaction problem in Spring Cloud with Seata!