Sign in to follow this  
Followers 0
CS5n531

VPNs and Universities

7 posts in this topic

Last year I was furious at my university's internet policy which is, "If those ports won't help you academically, then we don't give a sh!t". I was unable to play games on Steam, games through my web browser (eg. Quake Live), ext.

A friend exposed me to VPNs, or Virtual Private Networks. He gave me a login name and password and I've been able to successfully bypass every filter my place of education wished to throw at me. I'm posting this thread for two reasons:

(A) I wish I knew of this sooner. My hopes are that maybe someone will find this thread or relay this information if they have a desire to get around network standards.

(B) I would like to know more information about VPNs (good experiences, bad experiences, someone telling me that I'm an idiot for using a VPN for "x" reason). I did a search and didn't see much on them, so let's hear it.

0

Share this post


Link to post
Share on other sites

Why do universities block and filter access to the internet? My university's policy is don't transfer more than 4.2GB/day to a single IP and don't do illegal stuff, also we reserve the right to kick you off the unix servers if they are needed for something academically related. (Also the standard, "don't be a dick, this is our network" clause) Isn't the concept of blocking access to anything sort of antithetical to the concept of unbridled learning. What sort of university controls what the students are allowed to see/do online?

As for VPNs, yes they are nice (especially because I need to VPN into my universities network now that I live off campus... sigh, no more 100Mbps synchronous connection to the dorm), but it is considerably easier for most people to set up a SSH tunnel, so you might want to look into that as an option. In either case, there is going to be some encryption overhead and an additional route that the data has to take to reach you, which means that the connection won't be quite as nice as a direct connection.

Maybe you should try to get into the IT department there or talk to your SGA with the intent to try to change policy (As a member of my school's SGA I can tell you that if there was a policy of blocking the internet I wouldn't rest until we had pushed through a resolution calling on the school to open up the net. Your SGA is there to serve you, use them.).

(Sorry if this is sort of incoherent, I just got out of a midterm and my mind is in random thought connection mode.)

0

Share this post


Link to post
Share on other sites

Why do universities block and filter access to the internet? My university's policy is don't transfer more than 4.2GB/day to a single IP and don't do illegal stuff, also we reserve the right to kick you off the unix servers if they are needed for something academically related. (Also the standard, "don't be a dick, this is our network" clause) Isn't the concept of blocking access to anything sort of antithetical to the concept of unbridled learning. What sort of university controls what the students are allowed to see/do online?

As for VPNs, yes they are nice (especially because I need to VPN into my universities network now that I live off campus... sigh, no more 100Mbps synchronous connection to the dorm), but it is considerably easier for most people to set up a SSH tunnel, so you might want to look into that as an option. In either case, there is going to be some encryption overhead and an additional route that the data has to take to reach you, which means that the connection won't be quite as nice as a direct connection.

Maybe you should try to get into the IT department there or talk to your SGA with the intent to try to change policy (As a member of my school's SGA I can tell you that if there was a policy of blocking the internet I wouldn't rest until we had pushed through a resolution calling on the school to open up the net. Your SGA is there to serve you, use them.).

(Sorry if this is sort of incoherent, I just got out of a midterm and my mind is in random thought connection mode.)

Midterm? In October? Yikes, hope that went well.

It's not that my university blocks things so much as they say, "If ports are closed and they don't need to be opened unless for academic purposes, we will not help you." They suck like that. But the VPN has been working well for me so far, torrents and games are no longer a problem.

0

Share this post


Link to post
Share on other sites

The SecurityNow podcast has a decent introduction series to VPN's( Episodes #14-#19). They talk about a few of the most popular clients and a brief "how they work".

http://www.grc.com/securitynow.htm

I've used OpenVPN and Dynamic SSH Tunneling and they work well.

0

Share this post


Link to post
Share on other sites

Last year I was furious at my university's internet policy which is, "If those ports won't help you academically, then we don't give a sh!t". I was unable to play games on Steam, games through my web browser (eg. Quake Live), ext.

A friend exposed me to VPNs, or Virtual Private Networks. He gave me a login name and password and I've been able to successfully bypass every filter my place of education wished to throw at me. I'm posting this thread for two reasons:

(A) I wish I knew of this sooner. My hopes are that maybe someone will find this thread or relay this information if they have a desire to get around network standards.

(B) I would like to know more information about VPNs (good experiences, bad experiences, someone telling me that I'm an idiot for using a VPN for "x" reason). I did a search and didn't see much on them, so let's hear it.

University blocking of specific TCP and UDP ports is definitely a headache. If you want to confirm which ports are blocked or not, you can try firebind.com. They have a java applet that can test any of the 65535 UDP or TCP ports to see if they are blocked.

0

Share this post


Link to post
Share on other sites

you could once upon a time do that with login.icq.com back in the mirablis days since it listened on every port for incoming icq connections, don't know if it still works mind...

If your in a really tight spot connectivity wise, there are some tools which can force ssh connections through even filtered proxy'd web connections, and once you have established a ssh connection through the filtering mechanisms, you can forward ports within the tunnel to your hearts content unseen apart from the initial ssh-over-proxy connection itself if you have a sharp network admin watching.

http://www.agroman.net/corkscrew/

0

Share this post


Link to post
Share on other sites

This discussion is being framed in a certain way that may not provide the best overall view. Ports are are closed on institutional networks to maintain network quality (bandwidth), network integrity (functionality) and security. Actually, this should be standard for any network. Use only what you need. It's not that the school is being unhelpful. It's that they are trying to maintain the above. You've admitted that you want to circumvent the closed ports to play games. Networked games can be bandwidth hogs. Multiply that by all the students at your school who like to play games and you can see a potential problem. Likewise, opening non-standard ports expands the attack vector. Now multiply that by all the non-technical users at your school who don't know how to protect their machines and you can see a potential problem. Schools and other institutions have to adhere to a myriad of security and privacy policies (e.g. HIPAA). That adherence sometimes trumps other things such as personal entertainment. Lastly, managing ports for non-academic use could be a logistical nightmare, depending on the size and complexity of the network and the size and resources of the network administration staff.

Quite frankly, primary, middle and high schools do have a vested interest in maintaining the focus of the student. College is a little different because the users are legally independent and have theoretically developed their overall learning skills at that point. Most colleges have less restrictive networks than lower level institutions.

I'm in no way meaning to discourage your exploration of VPNs, just providing some perspective on why the school might not seem to be cooperative.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0