Please create an account to participate in the Slashdot moderation system


Forgot your password?
The Internet Censorship Education Networking Technology

Ask Slashdot: Dealing With University Firewalls? 582

An anonymous reader writes "My university only provides access to the web, via a restrictive content filter and proxy service. There is no access to the wider internet. I was wondering if this is common, and if anyone has any suggestions on how to go about protesting the issue. I've spoken to the lecturers and they have the same frustrations I do. I've also spoken to the head of the IT department who spouted lines about 'protecting the network.' This is very frustrating, I've seen a number of students making use of 3G/4G dongles to get access to the net and this just seems crazy. The restrictions applied to the web are draconian, with sites such as hackaday, hypberbole and a half, somethingawful, etc being blocked." What would you do to get better access?
This discussion has been archived. No new comments can be posted.

Ask Slashdot: Dealing With University Firewalls?

Comments Filter:
  • ... so you get controlled.

    Get over it.

    • by mattventura ( 1408229 ) on Monday February 27, 2012 @04:49AM (#39170147) Homepage
      If the university's IT department isn't providing the services that students and faculty need, then the issue should probably be raised above the IT department. The purpose of an IT department is to provide a service to the organization, not to make the organization bend over to the IT dept.
      • by Anonymous Coward on Monday February 27, 2012 @04:58AM (#39170193)

        I have been in the position of having to block internet to a college in a previous job. There were constant battles between the marketing and academic departments about blocking and unblocking social media sites. In the end the marketing department won and they were unblocked. The tutors didn't like it because they relied so much on computers for their lessons rather than using good old fashioned methods like lecturing and demonstrating.

        • by xenobyte ( 446878 ) on Monday February 27, 2012 @10:28AM (#39172141)

          There were constant battles between the marketing and academic departments about blocking and unblocking social media sites. In the end the marketing department won and they were unblocked. The tutors didn't like it because they relied so much on computers for their lessons rather than using good old fashioned methods like lecturing and demonstrating.

          Why was that a problem? - That people might use (gasp!) their computers for more that just the lessons?

          Sounds like narrow-minded tutors with a feeble grasp on reality.

          Besides, why should the tutors care? - If people waste the lessons updating Facebook instead of getting smart, they'll simply fail and thus have wasted their tuition. I hope Facebook was worth it, but the tutors shouldn't care less if the students are that stupid.

          • by bucky0 ( 229117 ) on Monday February 27, 2012 @10:58AM (#39172459)

            Besides, why should the tutors care? - If people waste the lessons updating Facebook instead of getting smart, they'll simply fail and thus have wasted their tuition. I hope Facebook was worth it, but the tutors shouldn't care less if the students are that stupid.

            Because most teachers go into teaching to get students to learn? Because a lot of institutions tie student performance into their evaluations? Because students that aren't paying attention are more likely to distract their neighbors? etc etc...

            • by zooblethorpe ( 686757 ) on Monday February 27, 2012 @12:52PM (#39173773)

              Besides, why should the tutors care? - If people waste the lessons updating Facebook instead of getting smart, they'll simply fail and thus have wasted their tuition. I hope Facebook was worth it, but the tutors shouldn't care less if the students are that stupid.

              Because most teachers go into teaching to get students to learn? Because a lot of institutions tie student performance into their evaluations? Because students that aren't paying attention are more likely to distract their neighbors? etc etc...

              Because teachers with no classroom management skills can't handle potential distractions? Because intro classes are too big for anyone to manage? Because a lot of institutions incorrectly apply industrial metrics to human dynamics?

              There are other concerns about unfettered Internet access in the classroom that go beyond the ideals you mention. My wife has had unfettered internet access in her classrooms for seven years now, in three different schools, and has had very few problems and none recurring. Granted, she's at the middle-school / high-school level instead of university, but plenty of her students have had laptops and smartphones in class. The keys are 1) having small enough class sizes that you can manage them effectively, and 2) having the classroom management skills to get in front of any potential issues and making sure the kids are paying attention to you instead of Lady Gaga. She's found that classes upwards of about 28 students really start to spiral downwards.

              As such, the many intro uni courses with 100+ students can't possibly work, unless the students themselves are invested in their own learning. That said, cutting off internet access is no guarantee that otherwise distracted students will suddenly find themselves raptly attending the teacher's words.

      • by Weezul ( 52464 ) on Monday February 27, 2012 @06:03AM (#39170529)

        Rutgers University bans ssh public keys. Ergo, all the students employ expect scripts that contain their passwords. These expect scripts aren't from students writing em' themselves, but just copied from friends. In particular, there are students who barley know what ls and rm do, but certainly won't know to change their password if their laptop gets stolen. And students commonly hack one another's accounts by copying said script.

      • This. I used to work for a uni and we made every effort to look after people, even those using "unsupported" OSs like Linux. (half of the 3rd line support guys had Linux desktops, so it was only "unsupported" officially - in practice everything worked fine.) We blocked the bare minimum of content - ie. some English student is probably writing an essay on pr0n for all I know. If you're going to get a worm, you can get it over 3G anyway - guess what the default route is going to be when you disconnect?

        And t

      • Students Union. (Score:5, Informative)

        by chrb ( 1083577 ) on Monday February 27, 2012 @06:53AM (#39170727)
        Most (all?) universities have a union to represent the needs of the students. Get them to raise the issue and it's likely to be a lot more effective than one man's personal protest.
        • Re:Students Union. (Score:4, Informative)

          by hairyfeet ( 841228 ) <bassbeast1968 AT gmail DOT com> on Monday February 27, 2012 @11:57AM (#39173145) Journal

          And never forget you are ultimately paying for a service and if they are hindering your ability to learn by crippling the network they are providing a poor service and need to be called on it. It took me awhile to get that to sink in with my oldest but now when a teacher isn't doing their job (one gave them a test on material he never covered because he went on vacation during the period he was suppose to cover it and didn't bother to tell the TA) or something is hampering their ability to get the most out of the class he will get as many of his classmates as he can together and they go to the dean. not only has several things been changed but he was put on the Dean's list for his leadership ability.

          Its like that old saying "There are sheep and there are wolves" and too many simply are afraid to 'rock the boat' or complain even when something is causing them grief. i bet if he organizes his fellow students he CAN get these rules changed, they are paying for the network after all.

      • by paiute ( 550198 ) on Monday February 27, 2012 @09:03AM (#39171339)

        The purpose of an IT department is to provide a service to the organization, not to make the organization bend over to the IT dept.

        Thousands of corporate ITers just spit coffee onto their monitors.

      • by mindcandy ( 1252124 ) on Monday February 27, 2012 @11:36AM (#39172895)
        I am security@ a large public .edu .. and I can say that their approach is quite *uncommon* among my peers in the industry.

        Education is typically a very open environment, and IT will happily provide (within reason) anything that doesn't interfere with something else.

        For example, we have several "hacking labs" on campus, where students are free to do basically whatever they want, regardless of how malicious. Granted, those networks are firewalled off from the rest of campus (and the Internet). We also have PlanetLab, TOR (which I run myself), and a few other projects.

        As for Internet access, we don't have "wide open" like your home DSL (email, for example, must go through our servers for obvious reasons) .. and we block common things like tcp/6666 and tcp/445 outbound .. but other than that, we reguarly field calls from folks that just got $shiny_new_game for their $toy and want to know if we can figure out why voice chat (or whatever) doesn't work.

        Last year we actually had students bring their PS3/Xbox units into a conference room in the IT department, hooked up to our projectors, and had then all plug into a switch where we were running a sniffer .. we had the network engineers, security team, etc. all assembled and basically told the students "go for it" and made several ongoing tweaks to things to ensure they got the best experience (gaming is a latency-sensitive application, we just needed to figure out how to prioritize it with QoS and the packeteer).

        In short .. tl/dr .. sounds like your Uni has a sucky policy. Take it up with the provost .. you are paying to be there, and Internet access is part of your campus experience. If it's not up to par, they need to make changes.
    • by Miseph ( 979059 ) on Monday February 27, 2012 @05:05AM (#39170227) Journal

      Unless the author has a full ride scholarship including room and board... I'd say there is at least a partially legitimate claim to some rights here.

      Anyway, yeah, campus networks can be like that. It's bull. It's also, in my experience, rarely something the IT people are terribly fond of; most of them are at least passingly familiar with how the internet works, and ultimately it requires far more work to maintain a ridiculously locked-down network than one with minimal restrictions. Usually, that comes from higher up in the organization, from some old administrator or trustee or something... IT takes order in academia just like they do in business.

      The best bet for getting a change on this is actually o complain to higher administration, and perhaps as well to school and/or local publications. Putting things in writing usually works well. Bring up issues of censorship and academic freedom, and be sure to mention how this new-fangled internet thing is a really important part of the future. Keep in mind that the details of what is or is not filtered is, largely, irrelevant... it's easy to lose a non-techie audience by getting into the weeds. The point here is to engage them on the emotional level: these decisions are not made because there are clear-cut rational arguments for them, they are made because somebody doesn't like ______ which they believe to be on the internet. Again, getting too logical or specific will just make eyes glaze over, so keep it rhetorical and abstract.

      • 1. There's one thing universities hate more than budget cuts and that's bad publicity. Make a noise and get this issue in the local press and higher if you can do it. 2. For your best results to Item 1 stage a protest to get your point across and get the media there. Social networking and flyers posted around campus will be very helpful with getting other wronged folks out in force. Give folks at least a few days notice and let them know time and place. You may or may not want to inform the administration,
    • Which doesn't mean that their actions are immune from criticism.

    • This would be true... if they owned the bandwidth. If it's a state college, they don't. If private, I would still argue that benefactors of the university have a right to do with the bandwidth as they please. Fundamentally, the administration should have every right (speaking morally, not necessarily legally here) to restrict the bandwidth however they feel... if it were a corporation where the employees work for the employer. In a university setting, the administration is supposed to work for the students.
    • by Sycraft-fu ( 314770 ) on Monday February 27, 2012 @07:02AM (#39170753)

      If it is a private university, then yes, they can do whatever they like, no matter how stupid it is. If they are a public university, then no it isn't "their bandwidth" it is "the public's bandwidth" and they have certain responsibilities.

      So that's the first question to answer: Public or private? If it is private, well then suck it up. Private schools can, and often are, stupid with some of their rules. My recommendation is don't go to them, go to a public university.

      If it is public then the thing to find out is where this is coming from. If it is from on high, the board of regents, there may be little you can do, though you can investigate state law, maybe talk to FIRE. However if it is coming from an overzealous IT department, then maybe it is time for them to get smacked around and learn that they are there to provide a service, not to act like despots.

      In that case maybe talk to the faculty senate. The faculty and administration can ultimately tell the IT department to sit down and shut up, they perhaps just need to be made aware of that fact. Get information from other universities, see how they do it. You'll have no trouble finding places that provide essentially unrestricted Internet access (the university I work at does). Present the faculty with ammunition that it can and should be done a different way and they may choose to affect a change.

      As something of an example of the second scenario in the private sector, my dad worked as a VP for a company;s American branch for many years. They decided to bring him over to the British branch for a bit to clean shit up. So he is over there, meets the guy who is the director in everything but title of that place (that was forthcoming). Guy says "Hi, welcome, I've got to go to this meeting, here's my office make yourself comfortable, I'll be back in an hour." My dad decides he'll check his e-mail and such things on the guys computer. No luck, can't get on the Internet.

      He has someone call IT for him. IT comes down and says "Oh ya he doesn't have Internet access, he doesn't need it." Umm what? The guy in charge doesn't have Internet access? And who the fuck decided he didn't need it? There was no company policy to this effect. Dad snarls at them, 5 minutes later computer has Internet access. The IT department there was very tyrannical. They made rules all of their own and it just never really occurred anyone to yank on their chain.

      Remember, and I say this as someone who works in IT: IT is a service industry. You are there to help people get their jobs done. That means not putting up artificial blocks to shit. That doesn't mean no blocks at all, you have to do things for security, compliance, and so on. However it does mean not being asshats and doing things like offering nothing but extremely locked down web access.

      Also any time you say no to something, you need to have an alternative. So you say "No, you can't have an FTP server. The passwords are clear text and that is insecure. However we will happily help you setup an SFTP (SSH) server instead which is fully secure."

      At any rate step one is to find out from where this policy comes, then you can see if anything can be done about it.

  • ssh is permitted? (Score:5, Insightful)

    by tanveer1979 ( 530624 ) on Monday February 27, 2012 @04:45AM (#39170113) Homepage Journal

    In that case buy a ssh shell minimal hosting account for 2-3$/month.
    Create a tunnel.
    And browse.

    If paid public VPN services are allowed, you can also subscribe to such services. Of course, your browsing will be slower.

    • I do this exactly. I have static IP at home, and a personal server elsewhere, so "ssh -D", and "tsocks" are an EXCELENT combo.

    • I would expect that SSH is forbidden and that everything has to go through the university's web proxy.
      That is the situation I was facing a few years ago when I lived on a college campus. The solution I found was called desproxy and apparently it still exists []. Worked wonders with me.

      • Re:ssh is permitted? (Score:5, Informative)

        by Anonymous Coward on Monday February 27, 2012 @05:39AM (#39170415)

        The solution then is to use port 443 to run SSH. I have a free trial of Amazon EC2 I use for that kind of thing. The speeds are good, you can even watch YouTube with relatively little buffering. If anyone is interested I have it set up:

        SSH Socks Proxy
        corkscrew (software to send ssh through an http proxy, you can also use PUTTY on windows for this)
        CNTLM (you may not need this but I do because the proxy I go through uses NTLM authentication)
        SSH server running on port 443.

      • Desproxy didn't work for me. The Microsoft proxy they had at my college didn't dance with it.

        As for getting around the firewall, what I've done in the past when I needed that was to tether to my phone (through wifi if possible, for discretion).

      • Re:ssh is permitted? (Score:4, Informative)

        by Entropius ( 188861 ) on Monday February 27, 2012 @11:17AM (#39172679)

        How can they forbid ssh and still call themselves a university?

        SSH'ing offsite is a basic prerequisite for all sorts of research in the physical sciences. It's an operation so basic that folks in physics don't even admit the possibility that someone would want to block it.

        At my old university the public (no logon required) wifi was heavily port-filtered. They blocked port 110, for instance -- no POP mail. But they left open SSH, knowing that people relied on it to get work done.

  • Tributes (Score:5, Informative)

    by Anonymous Coward on Monday February 27, 2012 @04:45AM (#39170115)

    Become friends with a member of the IT department. Alcohol can go a long way in beginning an IT related friendship.

    • Re: (Score:3, Interesting)

      by Anonymous Coward

      This. Or, if your university has a Networking section/sub-section, start there.

      I work in IT at a university and although we do have some restrictions on websites (pornography and cheating websites), we also have an appeals process that is open to anyone. I find it silly that they would block off a huge host of seemingly random websites for "safety" reasons, except maybe on university-owned computers open to the public (even then, we just put DeepFreeze on ours).

      Another solution would be to get someone with

  • Which means you can setup a dns proxy for IP traffic and use it. It's not fast but is very handy to have ready when you're for example on a wifi that wants you to pay for using it via some kind of web page.

  • Not an issue here (Score:2, Insightful)

    by Anonymous Coward

    My university doesn't restrict internet access - they, however, ask you to not do anything illegal and log your activities. They give me 1GBit internet connection by cable or 450 MBit/s over WLAN (which I don't know how it is possible) so I can download stuff as quick as my slow laptop harddisk can save it.

    However, if they'd restrict access, I'd probably use TOR or some proxies to get full access or I'd set up a VPN connection to my server and access the internet in that way.

  • To choose a school based on it? Not going to a University with these restrictions is one way to vote with your dollar.
    If you don't plan on leaving, warn incoming students about these policies. Perhaps encourage them to ask about internet restrictions in their interviews. If it's a deciding factor in student enrollment numbers, they'd think hard about it.

    Further, you can petition and urge students to speak out against it. Taking action is an option.

  • Practicality (Score:2, Insightful)

    by Spad ( 470073 )

    If they're dumb enough to lock down internet access to the point that it becomes unusable for work purposes whilst still allowing their network to be trivially bridged by 3G dongles then you're already fighting a losing battle. Chances are that the people writing the policy don't have the slighest clue what they're doing but have read some stuff about how the internet is bad and so should be blocked; be glad they don't do things like blocking all Javascript from running, which I've seen in some companies, t

    • by Kjella ( 173770 )

      If they're dumb enough to lock down internet access to the point that it becomes unusable for work purposes whilst still allowing their network to be trivially bridged by 3G dongles then you're already fighting a losing battle.

      Uh, who said anything about bridged? My impression was that they'd use 3G/4G dongles on their laptops instead of plugging into the university network at all, I don't see how you could block that short of jamming the signal. And presumably they don't care, if it doesn't happen over their network it's not their problem.

      • And presumably they don't care, if it doesn't happen over their network it's not their problem.

        Until those computers come back on their network with infections from the wild, defeating the entire point of their draconian restrictions. Of course, 3G dongles weren't needed for that, just a starbucks in walking distance of campus.

  • VPN? (Score:5, Informative)

    by SalsaDoom ( 14830 ) on Monday February 27, 2012 @04:57AM (#39170185) Journal

    Why not just setup a VPN real fast with someones DD-WRT router. I did this at a job that had a really obnoxious content filtering thing that actually prevented me from doing my job. I just vpn'd to home, but you probably have at least one friend in town that has something good enough for you to work with. Even a shitty VPN will do, since your not trying to protect anything so much as evade things.

  • by kikito ( 971480 ) on Monday February 27, 2012 @05:00AM (#39170205) Homepage

    In all Universities there is an "Inner Circle" formed by network admins, who are impervious to proxy filtering.

    The incantation to enter that select group is:

    "Hey, I'd like to help with the university network maintenance. Can I do it as a practice? I'll do it for free."

    This psalm recited to the right university demon will get you access to the University's network system. With luck, in 1 or 2 months you will have the relevant network keys/info. Probably you will have the rights to whitelist the pages you want.

    Then move out of there.

    • by ryanov ( 193048 )

      My university appears to filter everyone, even the IT department.

      • by dkf ( 304284 )

        My university appears to filter everyone, even the IT department.

        That's because only the desktop machines of the "Inner Circle" will be whitelisted, and that certainly won't be the whole of IT. There will be explicit exceptions in the firewall rules for specific source IP addresses. (One of the exceptions will have to be for the proxy itself, though that could be DMZed. That would be genuinely competent, but unexpected.)

  • 3G/4G? (Score:4, Informative)

    by 6Yankee ( 597075 ) on Monday February 27, 2012 @05:03AM (#39170217)

    Back when I was at university, I bought a cable for my phone and got myself some sweet, sweet 9k6 access over GSM. It was faster and more reliable than the connection in the uni's computer labs ever was, not to mention no BS filtering. Paying by the minute made me focus on getting the job done and hanging up, too...

    As far as filtering goes, the conventional way around that was to log in as someone else. After all, their username was their matriculation number and the default password was their date of birth... If you couldn't read a classmate's ID and social-engineer his birthday out of him, no matter - the uni helpfully had an easily-accessible printout of the entire student body's personal information (in fact, you had to sign to get your grant, so they left it on the public side of the window), and those last few pages were awfully loose...

  • ....everyone else, or me. However, to me "restrictive access to the web only" and "no access to the wider internet" means to me that he's not going to be running an SSH or VPN proxy to anywhere (except the VPN access that runs over the web ports, and I guess SSH on an alternate port if it's a simple port filter).

  • Seriously, you're not going to win this one. Get your own Internet. And by all means invest in the offshore VPN service too, so you can find out what the real Internet is like behind the Great Firewall of America because that's where we're going now too.
  • Which University? (Score:5, Interesting)

    by JambisJubilee ( 784493 ) on Monday February 27, 2012 @05:09AM (#39170251)

    I'd say the university isn't fulfilling its role, and you should definitely rally to change things. The purpose of the university network (besides supporting research communications) is to allow you to learn.

    During my undergrad the university I attended provided full firewall-free internet with a *public* IP from their block for everyone who plugged in (and no-questions asked CNAMEs). The wireless was of course NAT'd but I had no problems.

    This all worked because of the genius way they solved problems was genius. If IT detected any funny business, a tech would physically show up at your lab/office and ask you what was going on and make you fix the problem right then and there.

  • Make friends with someone in your Cultural/Media Studies faculty. Preferably someone doing research into social media, emerging cultural phenomena, self-organising cliques, something like that. Then get them to repeatedly hassle IT to give them access to blocked sites, claiming its for their research. I reckon after the fifth time IT will give up and just open up the whole network (their router access control lists will get unmanageable for their competence level).

  • My former university used a VPN-service, where every student had to set up a VPN on their computers, and connect to the VPN-server before being able to browse the web. One of the guys even admitted that they're raping the VPN standard in every way possible by using it to connect outwards, rather than inwards, but still they stuck with it.
    The downside was that until the VPN service connected, there was absolutely no traffic to the wider web, which includes Google DNS. So every time I wanted to connect, I had

  • by slimjim8094 ( 941042 ) <slashdot3@just[ ... t ['con' in gap]> on Monday February 27, 2012 @05:12AM (#39170281)

    As a /. reader, I can only assume you're rather technical. Isn't this something you discovered before going there?

    Frankly, I wouldn't go to a school that did this. And I didn't. Thankfully, my first choice doesn't do anything like this. Traffic is unmonitored, but for legal reasons you have to register your MAC address to your university credentials to get out of the VLAN. This happens automatically with authentication to the wireless network, or manually through a captive portal for Ethernet.

    As required by law of all ISPs, they will use this to forward DMCA notices, which happens pretty frequently. I can't exactly fault them for that. They'll also notice if you're really hammering the network with worm traffic or something, in which case they'll kick you off until you get the system cleaned up, which I can't fault them for either.

    But other than that, they're pretty much out-of-the-way. They definitely view themselves as more of an ISP than anything academically-relevant, which is good. The university structure also places them at the same level as the individual schools (liberal arts, engineering, business, etc), and each school has its own school-specific IT that runs their own email and webhosting and so on, all of which helps keep them pretty much service-oriented. They pretty much provide internet access and server space to any university department that wants it (and pays for it, in one of those interdepartmental money-shuffling schemes), and otherwise back off from content management. Individual schools are free to filter whatever they want, but only in the school-managed network. In practice, none do. Even if they did, the dorms are separated out from that.

    Not to mention the university is almost as liberal as they come in terms of information freedom.

    But in any case, the university is your home for the time you're there. I wouldn't live somewhere that did this, and I wouldn't go to a school that did this. Not even because of the inconvenience - think about what that suggests about how they view academic and intellectual freedom.

  • 1, technical. VPN. There are plenty of cheap providers out there who exist to fix this problem, or just find a friend who's willing to let you bounce off their home network.

    2, administrative. Go over the head of the technical guy who's blocking the net. You will need to do your homework first: have a good business case for why the current policies are a) inhibiting your (and many others') legitimate needs and b) aren't reasonable, necessary or effective measures to achieve security. If you have a hundr

  • by Jane Q. Public ( 1010737 ) on Monday February 27, 2012 @05:28AM (#39170361)
    Universities do not exist to restrict information. Anybody who thinks they do, is not doing their job.

    I agree that it is likely and administrator, rather than the IT department, who is responsible, but don't count on it. That's just worthless guesswork. You can find out.

    Whoever is responsible, don't listen to all these wimps who just tell you to cave and pay for ANOTHER internet source when you're already paying for this one. Get hold of EFF, EPIC, the ACLU, and anybody else you can, and tell them your academic freedom is being repressed. Because it is true. But get some help. There are organizations out there who can not only help you find who is responsible, but put pressure on them to change the status quo.

    Don't cave and just buy an expensive cell phone data connection (especially with prices going up). Fight the BS. Because that's what it is: BS.
    • by cheekyjohnson ( 1873388 ) on Monday February 27, 2012 @06:01AM (#39170519)

      But it's their connection! Therefore, they are exempt from all criticism and he should do nothing if he disagrees with their policies.

      • by dkf ( 304284 )

        But it's their connection! Therefore, they are exempt from all criticism and he should do nothing if he disagrees with their policies.

        It's the university's connection, not the particular administrator of the IT department of the university's connection. That said, if it's an order that's come down from On High (it could be) then it's going to be hard to change since admins don't usually like to directly challenge nonsense from formal superiors.

        Another thing to check is whether the restriction is the same for all connections. We (speaking as someone who works in university IT) have a whitelisted wired network with very few restrictions (SM

  • by jsse ( 254124 ) on Monday February 27, 2012 @05:30AM (#39170373) Homepage Journal
    The following serve as an overview. You would like to do your further research.

    (1) SSH client (inside) ---SSH Tunnel--> SSH server (outside, with webproxy)

    This may be the simplest setup, and the client could be linux or putty on Windows; and the server could be linux or CYGWIN on Windows

    (2) OpenVPN client (inside) ---OpenVPN handshake--> OpenVPN server (outside, with internet routing)

    You need to setup an OpenVPN server outside. For example, I reflash a CISCO router with OpenWRT at home so that I can connect from anywhere with OpenVPN client and use home's internet. This method could drill through most firewall/proxy, because it can be configured on any port, and any protocol (TCP or UDP).

    Above methods requires setting up Internet connection outside. You might want to circumvene University's security policies directly, say by malform URL request. However, I do not recommend you to do so, as it would be considered a direct attack on their firewall.
  • by awjr ( 1248008 ) on Monday February 27, 2012 @05:39AM (#39170417)

    If you can go to your course lecturers and justify why you need access to Hackaday to complete your course, I am sure your lecturers have a process to unblock the sites.

    In the meantime there are 1000s of other students trying to use campus PCs without needing to find them screwed over by the previous user. What you *might* be able to persuade the University to do is to provide an unrestricted wi-fi point on campus for personal use.

  • by m50d ( 797211 ) on Monday February 27, 2012 @05:42AM (#39170437) Homepage Journal
    If you're staying in university accommodation, and they're in a monopoly position as your internet provider, then they have an obligation (moral and possibly legal) to provide an equivalent service to what you'd get from a commercial ISP in private housing.
  • by GoLGY ( 9296 ) * on Monday February 27, 2012 @06:00AM (#39170511)

    As a member of an IT systems admin team for a faculty we've often got specific mandates which services we must restrict, and to what end. What you may also be up against, other than 'unprivileged' access - is politics. Students do Naughty Stuff (tm) - that's just a fact that keeps on proving itself true time and time again. Even if you can speak for you, your friends, or your entire course - I can bet dollars to donuts that there's someone out there trying to do something shifty. Case in point: I was seriously asked to relax the restrictions on banning Steam so a student could "download 10 or 15 gig so i didn't have to do it over dial-up". On-campus living - sure, i can see where restrictions like that may diminish any sort of sanity saving software platform ( Valve fan \o/ ), but I'm not going to open up a faculty network just so you can play games. It's an education facility, not your personal high speed connection to the 'net. If you were a postgraduate student researching something that required access - then by all means get your supervisor to approve your request and I'll be more than happy to make it happen.

    That being said - outline a clear case of why you need certain things re-classified and you may have a better case to work with. I am not suggesting that this tactic will work - as there's probably more to the story ( see - plug and play filter lists/software/appliances which remove the need to dedicate an entire FTE to putting classifications on traffic going out ) than you really know, but it will certainly stop you from seeming like a whinging student and more like an intellectual who is using sound reasoning. Hell - if you are able to find clear, repeated examples of wrongful clasification of websites, you may be able to enact a reconsideration of what's being used to deny you access or relax the level in which things are blocked.

    Of course, they might not care. Who knows?

  • See if there's an on campus computer club, that will almost certainly lead you to people, servers and networks that will help with outside access.

    A few things I've seen used on campus:
    -SSH proxy tunneling
    -IPV6 related workarounds
    -'partner' universities and organisation that can be accessed/tunelled through without going through the firewall
    -wifi router/repeater with long distance wifi link (eg with a 'cantenna') to an off-campus house/building
    -friends that work for campus IT, local ISPs and the univers

  • If you're talking about torrents, then I have one word: BitcoinTorrentz. Cheaper than a VPN, you get your torrented files over a standard port 80 HTTP connection (though it is NOT encrypted, if that makes a difference), and hey this is Slashdot so LOL ANONYMOUS MONEY for whatever that's worth.

    For all other normal web traffic, yes your school is being very Draconian if they're blocking the likes of Hackaday. I mean hell, that's pretty much "Great Firewall Of China" levels of censorship there. I frankly
  • by OzTech ( 524154 ) on Monday February 27, 2012 @06:47AM (#39170689)

    If so ...

    This is the basic test to see if you are worth letting back for the second semester.
    As you have posted this question on /. I suggest your consider a different career path.

    As you obviously want other technical people to get you out of trouble and solve all of your problems for you, I suggest you look at Sales and or Marketing.
    Something tells me you have a natural aptitude for either of these.

  • by Lumpy ( 12016 ) on Monday February 27, 2012 @07:28AM (#39170843) Homepage

    Get friends to start buying old linksys routers and create your own rouge wireless internet campus wide. Get people to donate to pay for hardware and a few cable modems at the perimiter so your mesh network can have multiple internet gateways to balance the load.

    Old routers and openWRT will do this, then start putting them up.

    you are in college, it's time to be subversive and community building. a non uni owned student run wireless internet setup is the best way to do this.

  • by biodata ( 1981610 ) on Monday February 27, 2012 @07:40AM (#39170899)
    When I was at University the way to get things changed was to get a group of people who were interested enough, and then go and occupy something inconvenient to the administration to get the message heard.
  • From an IT Admin (Score:3, Insightful)

    by perotbot ( 632237 ) on Monday February 27, 2012 @08:02AM (#39171019) Journal
    I've been the internet cop is several organizations during my employment history and have seen administrators (not IT people) declare everything from "ALL shall be free!" to "Don't let them do anything more than their job" as a standard to use for filtering. Most likely what is happening is that someone, not in IT, has the list of "categories" from the filter service provider, be it Dan's Guardian or a big company like Websense, and have picked the usual suspects of Adult, Security, Malware, and Offensive, along with Hate Speech, Violence, and IT related" and flipped the filter on. The University Administration will ask you one question and one question only, "What part of your EDUCATION" is being effected by this? AND remember these people have fairly well tuned BS detectors. This isn't your parents' basement, they have the right to do what they will to reduce costs (your tuition) by protecting their network and reducing bandwidth use. If you don't like the on campus connection then move off campus and PAY for your own net connection where you can surf to your heart's content and waste your parents' money on reading hackaday instead of getting the Business Degree your parents are paying for by working overtime. And if you want REALLY draconian, they know eveery website you attempt to go to, whether it's blocked or not, and with the newest tech, they are doing a man in the middle on all SSL traffic so they know what you are doing there as well.

God helps them that themselves. -- Benjamin Franklin, "Poor Richard's Almanac"