# Need help to fool / bypass Fortiguard web filter



## megazero1x1 (Apr 15, 2014)

Hello all.

In my university, the internet is heavily filtered by fortiguard.
My biggest issue us that gaming sites are blocked and so are services like steam.
Also, there is a bandwidth cap on all websites which are not approved by the university (50KB/s).

So my question is ,
Is there any way by which I can fool fortiguard or whatever software they are using, into thinking that I am browsing a university approved website when I'm not ?
And is it possible to completly bypass the entire web filter so I can browse the internet unrestricted.

Please don't suggest VPNs and proxies. Most of them are blocked too. The only VPN which I know works happens to be vpnbook.com .

Any and all help will be appreciated.
Thank you 

Megazero1x1


----------



## trumpet-205 (Apr 15, 2014)

The best you can do is to use VPN which are not blocked, but I doubt there is a way around bandwidth cap (assuming they use whitelist).


----------



## FAST6191 (Apr 15, 2014)

First what are the penalties for bypassing the blocks? If you are just going to get a "they are there to protect you" lecture then fine but it is really not worth getting expelled or on a shitlist for.

Never heard of the filter and can not be bothered to look it up right now. Is it just a blacklist and bandwidth whitelist? Does it scan the contents of the page or URL? If so then you might have to go SSL. Is the list university maintained or company maintained? For the former there can be cracks as that is a full time job, it can be the company provides a base and the university takes it from there though, 

If normal VPN will not work then usually you get to build your own back to your house, that or some form of VNC. If you are at university to try to save some bandwidth at home then this is not ideal.

Speed caps.
Do you control any of the sites? Doubtful but I have seen people whitelist google's domains; this can include sites.google.com
If you control such a site then you can try things like cURL ( http://curl.haxx.se/ ), I am not sure about google sites specifically there (they have hosting but it is very limited in what you can do).
Minor alternative is if the site uses a generic CDN (cloudflare and the like) -- subdomains here are often unpredictable and so the whole thing might be whitelisted. Exploiting this fact would be very annoying but not outside the realms of possibility.

Steam might be harder if you do not want to do it over personal VPN.

Beyond that you get to do more hackery things. One of the more popular things here includes VPN over DNS -- DNS requests tend not to be filtered and tend not to be limited in bandwidth (It is "just" DNS after all), now you pipe everything over DNS requests and it can get through. I just searched and apparently there are commercial services offering this now so that might be an option,


----------



## Costello (Apr 15, 2014)

I'm pretty sure Astrill can get through this https://www.astrill.com
they use a special proprietary tunnelling technology; it works everywhere I've tried including in China where the Internet is largely blocked

I think they have a free trial period when you are invited by other people. If you want to give it a try, PM me your email address so I can invite you for a free trial.


----------



## megazero1x1 (Apr 15, 2014)

First I'd like to thank all of you for the replies.
@ fast6191, its the usual to protect you lecture.
Also I not sure if it is a black / white list or a full content scan. But seeing that they actually categorised the web sites, I'd say it's a white / black list. 
Also I think you are right about the company providing a base and the university taking it further.
And just so that I don't seem like and idiot , I live in the university dorms. If I had easy access to my home net connection, no way I'd go through all of this.

As of the speed cap, its a white list case. Only the educational websites which are approved by the university have streaming enabled reach the max speed.
Also I forgot to mention but all kinds of streaming of videos flash and HTML 5 are blocked and I'm not sure here but I suspect that all UDP ports are blocked as well.

And thank you for informing me about the VPN over DNS.I'll be sure to give that a try.


----------



## megazero1x1 (Apr 15, 2014)

@ Costello, thank you for your offer. I'll be sure to pm you my email asap.

Also to the mods, I am extremely sorry as I am unable to format my posts correctly , as I'm currently using my smart phone and its very tedious to do so.

Again sorry for all the inconvenience I have caused.


----------



## james50a (Apr 15, 2014)

depending on if u have spare money u can always just rent a cheap server in ur area for under 4$ and route through there. http://lowendbox.com/ is a good place to find them, although u have to have knowledge of linux


----------



## Joe88 (Apr 15, 2014)

in my school they also use fortiguard
tor can bypass it easily enough (assuming you have USB permissions and can run programs)

the normal desktop computers on campus (wired connection) use a student account login system
I found out the eterhnet ports use MAC address filtering so you cant just plug your laptop in and use the connection
however if you login on the desktop and just do a ipconfig in the cmd prompt and copy the MAC address down and logout (also assuming you have cmd prompt access, most uni's block it)
on your laptop you can use a MAC spoofer and just copy the same address down for the LAN port and you can now bypass their login system as well as get the full access of the T3 connection
even steam works on it


----------



## megazero1x1 (Apr 15, 2014)

I have tries tor before but had no success.
Maybe at my university they are using some kind of a higher security setting on fortiguard.


----------

