Expat-IT Tech Bits

Home

Contact

Links

Search this site:

Categories:

/ (287)
  Admin/ (122)
    Apache/ (10)
      HTTPS-SSL/ (4)
      PHP/ (3)
      performance/ (2)
    Cherokee/ (1)
    LAN/ (4)
    LVM/ (6)
    Monitoring/ (2)
      munin/ (2)
    SSH/ (6)
    SSL/ (1)
    Samba/ (1)
    VPN-options/ (6)
      OpenVPN/ (1)
      SSH-Proxy/ (3)
      Tinc/ (1)
      sshuttle/ (1)
    backups/ (17)
      SpiderOak/ (1)
      backuppc/ (5)
      dirvish/ (1)
      misc/ (6)
      rdiff-backup/ (1)
      rsync/ (1)
      unison/ (2)
    commandLine/ (24)
      files/ (8)
      misc/ (10)
      network/ (6)
    crontab/ (1)
    databases/ (15)
      MSSQL/ (2)
      MySQL/ (8)
      Oracle/ (3)
      PostgreSQL/ (1)
    dynamicDNS/ (2)
    email/ (11)
      Dovecot/ (1)
      deliverability/ (1)
      misc/ (1)
      postfix/ (7)
      puppet/ (1)
    iptables/ (3)
    tripwire/ (1)
    virtualization/ (9)
      VMware/ (1)
      virtualBox/ (8)
  Coding/ (14)
    bash/ (1)
    gdb/ (1)
    git/ (3)
    php/ (5)
    python/ (4)
      Django/ (2)
  Education/ (1)
  Hosting/ (27)
    Amazon/ (18)
      EBS/ (3)
      EC2/ (10)
      S3/ (1)
      commandline/ (4)
    Godaddy/ (2)
    NearlyFreeSpeech/ (3)
    Rackspace/ (1)
    vpslink/ (3)
  Linux/ (30)
    Android/ (1)
    Awesome/ (3)
    CPUfreq/ (1)
    China/ (2)
    Debian/ (8)
      APT/ (3)
      WPA/ (1)
    audio/ (1)
    encryption/ (3)
    fonts/ (1)
    misc/ (6)
    remoteDesktop/ (1)
    router-bridge/ (3)
  SW/ (45)
    Micro$soft/ (1)
    browser/ (2)
      Chrome/ (1)
      Firefox/ (1)
    business/ (28)
      Drupal/ (9)
      KnowledgeTree/ (6)
      Redmine/ (2)
      SugarCRM/ (7)
      WebERP/ (2)
      WordPress/ (1)
      eGroupware/ (1)
    chat/ (1)
    email/ (1)
    fileSharing/ (2)
      btsync/ (1)
      mldonkey/ (1)
    graphics/ (2)
    research/ (2)
    website/ (6)
      blog/ (6)
        blosxom/ (3)
        rss2email/ (1)
        webgen/ (1)
  Security/ (15)
    IMchat/ (2)
    circumvention/ (2)
    cryptoCurrency/ (1)
    e-mail/ (4)
    greatFirewall/ (1)
    hacking/ (1)
    password/ (1)
    privacy/ (2)
    skype/ (1)
  Services/ (1)
    fileSharing/ (1)
  TechWriting/ (1)
  xHW/ (14)
    Lenovo/ (1)
    Motorola_A1200/ (2)
    Thinkpad_600e/ (1)
    Thinkpad_a21m/ (3)
    Thinkpad_i1300/ (1)
    Thinkpad_x24/ (1)
    USB_audio/ (1)
    scanner/ (1)
    wirelessCards/ (2)
  xLife/ (17)
    China/ (9)
      Beijing/ (5)
        OpenSource/ (3)
    Expatriation/ (1)
    Vietnam/ (7)

Archives:

  • 2016/07
  • 2016/05
  • 2016/02
  • 2016/01
  • 2015/12
  • 2015/11
  • 2015/06
  • 2015/01
  • 2014/12
  • 2014/11
  • 2014/10
  • 2014/09
  • 2014/07
  • 2014/04
  • 2014/02
  • 2014/01
  • 2013/12
  • 2013/10
  • 2013/08
  • 2013/07
  • 2013/06
  • 2013/05
  • 2013/04
  • 2013/02
  • 2013/01
  • 2012/12
  • 2012/10
  • 2012/09
  • 2012/08
  • 2012/07
  • 2012/06
  • 2012/05
  • 2012/04
  • 2012/03
  • 2012/01
  • 2011/12
  • 2011/11
  • 2011/10
  • 2011/09
  • 2011/08
  • 2011/07
  • 2011/06
  • 2011/05
  • 2011/04
  • 2011/02
  • 2010/12
  • 2010/11
  • 2010/10
  • 2010/09
  • 2010/08
  • 2010/07
  • 2010/06
  • 2010/05
  • 2010/04
  • 2010/03
  • 2010/02
  • 2010/01
  • 2009/12
  • 2009/11
  • 2009/10
  • 2009/09
  • 2009/08
  • 2009/07
  • 2009/06
  • 2009/05
  • 2009/04
  • 2009/03
  • 2009/02
  • 2009/01
  • 2008/12
  • 2008/11
  • 2008/10
  • 2008/09
  • Subscribe XML RSS Feed

    Creative Commons License
    This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
    PyBlosxom

    This site has no ads. To help with hosting, crypto donations are accepted:
    Bitcoin: 1JErV8ga9UY7wE8Bbf1KYsA5bkdh8n1Bxc
    Zcash: zcLYqtXYFEWHFtEfM6wg5eCV8frxWtZYkT8WyxvevzNC6SBgmqPS3tkg6nBarmzRzWYAurgs4ThkpkD5QgiSwxqoB7xrCxs

    Sun, 14 Feb 2010


    /Security/circumvention: Downloading Files When You Are Being Blocked

    I live in China, and I have to deal with file downloads being blocked all the time. Particularly of the Canadian and US news podcasts I am fond of watching. For the record, it is hard to tell whether the Chinese are censoring, or whether the providers are trying to save bandwidth by blocking all of China. I think there is a little bit of both going on. So here is how I deal with it.....

    A lot of things are not blocked, and for that I use Miro[1]. Miro has a lot of nice features for video podcatching. In my often bandwidth-starved situation, chief among them is that Miro is pretty good at resuming interrupted downloads, even after an over-night shutdown.

    For blocked podcasts, I have an encrypted SSH tunnel setup from my desktop to one of my servers in the USA. Setup ssh, autossh, and proxychains per these posts[2]. With my tunnel setup, I use a second piece of podcatching software called gpodder[3], which I start in a terminal like this:

    proxychains gpodder&

    to force all gpodder traffic through my encrypted tunnel. Then use gpodder per normal to download blocked podcasts. However....

    In China, there are often extended periods of time when the powers-that-be use the Great Firewall to interfere with these kind of downloads. Sometimes there are repeated network interruptions that cause large files to fail before there download completes. Sometimes this seems to be combined with bandwidth throttling, where each network connection I make is limited to 5 kb/s of download, which makes the download VERY long, and even more prone to interruptions.

    For these particularly difficult situations, I just use gpodder to pull down the list of files from the podcast feeds. Then I use a Firefox plugin called "SQLite Manager"[4] to open gpodder's datebase in ~/.config/gpodder/database.sqlite. In the table called "episodes" can be found a record for each podcast that has been pulled down from the feed. From that record I can extract the actual URL of the file for the podcast, so that I can then download it with wget[5], which is an extremely robust command-line file downloader.

    Then I can start the download in a terminal like this:

    proxychains wget http://www.url.com/path/to/file/filename.something

    Continuing a partially download podcast is as simple as:

    proxychains wget -c http://www.url.com/path/to/file/filename.something

    (Note the "-c".) It is also worth trying the above wget line first without proxychains, as sometimes only the feed URL is blocked, but the server where the actual files reside is not blocked.

    [1] http://www.getmiro.com
    [2] http://blog.langex.net/index.cgi/Admin/SSH-Proxy/ [3] http://gpodder.org/
    [4] https://addons.mozilla.org/en-US/firefox/addon/5817
    [5] http://www.gnu.org/software/wget/

    posted at: 07:14 | path: /Security/circumvention | permanent link to this entry

    Fri, 12 Dec 2008


    /Security/circumvention: Penetrating Firewalls, Internet Censorship, and Eavesdropping

    I just bumped into another interesting site called "Circumvention Tools[1]", which has a nice summary of ways to regain access to blocked / censored websites and prevent others from eavesdropping on things you say and places you go while online.

    Of course Tor[2][3], which provides penetration and privacy, and is one of my personal favorites, gets prominent mention. (And surprise surprise, the Tor website is blocked from where I am sitting right now in P.R.China....) Tor in combination with Firefox and the Firefox torplugin, which allows the Firefox proxy through Tor to be turned on and off with a click of the mouse, is incredibly convenient.

    However, Tor can be really quite slow because not enough Tor users agree to operate exit nodes. So I was intriqued to read about how easy it is to set up a SOCKS proxy[4][7] with SSH. This does require that you have SSH access to another machine outside the network where you are being blocked / spied upon, but that is not so hard. Running a machine at home with dynamic DNS[5] is not too hard in most places (where I live its actually not so easy....) And low-end Virtual Private Servers can be had for as little as US$8 per month[6].

    And finally, in the category of "simple tricks[8]", there are services that will e-mail website content to you in response to an e-mailed request. This strikes me as having other interesting applications beyond penetration.... How about a weather e-mail every morning, with a little help from cron? Or pulling down a site in a very bad / slow network environment?

    [1] http://en.flossmanuals.net/CircumventionTools/
    [2] http://en.flossmanuals.net/CircumventionTools/TorTheOnionRouter
    [3] http://www.torproject.org/
    [4] http://en.flossmanuals.net/CircumventionTools/SSHTunnelling
    [5] http://blog.langex.net/index.cgi/Admin/dynamicDNS/
    [6] http://blog.langex.net/index.cgi/Hosting/
    [7] http://en.flossmanuals.net/CircumventionTools/ConfiguringSocksProxies
    [8] http://en.flossmanuals.net/CircumventionTools/SimpleTricks

    posted at: 09:39 | path: /Security/circumvention | permanent link to this entry