如今,学校或教育机构、工作场所和政府阻止网站变得越来越普遍。
此类限制最流行的例子之一是中国的防火墙(Great Firewall of China),它在该国实施互联网审查,以减缓跨境互联网流量,并阻止访问某些外国网站。
如果您在学校或工作场所遇到被阻止的网站,管理层可能不希望您通过他们的ISP帐户使用这些网站——主要是为了防止您进入兔子洞。
他们使用过滤网页内容的防火墙来做到这一点,因此学生或员工无法访问任何列入黑名单的网站。
值得庆幸的是,您可以使用一些变通方法绕过学校或工作场所的防火墙并查看您想要的站点。
如何绕过学校(Your School)或工作场所(Workplace)的防火墙(Firewall)
- 使用代理
- 使用 VPN
- 将智能手机用作移动热点
- 使用 SSH 隧道
- 使用 Tor
什么是防火墙(Firewall),它是如何(How)工作的?
防火墙是一种硬件或软件网络安全系统,用于监控传入和传出流量,并根据某些高级安全规则阻止或允许特定流量。
最重要的是,防火墙用于验证访问、管理和控制网络流量、保护资源以及记录或报告其他应用程序之间的事件。
尽管它们保护了特定网络中的所有计算机,但它们也很烦人,尤其是对于无法访问他们最喜欢的社交媒体平台、流媒体服务和其他网站的学生或员工而言。
防火墙如何阻止网站
这是了解为什么您无法访问您喜欢的网站的第一步,以及我们将在本文后面分享的提示如何帮助您绕过防火墙查看您想要的网站。
每当计算机想要访问特定网页时,它都会创建一个HTTP请求,该请求包含在TCP数据包中。接下来,将网站名称识别为IP 地址(IP address),并将TCP数据包移动到 IP 层进行路由处理。
根据 IP 地址和路由表,该层确定将请求发送到哪个网站服务器。
如果网站存在于网络上,这里就是防火墙阻止网站的地方,因为防火墙在 IP 层运行,并使用“代码墙”监控每个数据包,以阻止您的设备访问网络。
防火墙(Firewalls)保护计算机的入口点,在该入口点您的设备和互联网之间交换信息,因此它监控连接的任一端,并决定哪些内容通过,哪些内容被阻止。
此类防火墙称为包过滤防火墙,是最常用的类型,但还有其他类型的防火墙,例如下一代、代理、状态多层检测 ( SMLI ) 和网络地址转换(Network Address Translation)( NAT ) 防火墙。
如何在学校(School)或工作场所绕过防火墙(Workplace)
使用代理
代理服务器(proxy server)可以通过为您处理所有冲浪来绕过您的学校或工作场所的防火墙和其他URL限制。它通过代表您访问该网站来执行此操作,然后显示该网站的所有内容,而防火墙只看到代理的URL。
代理通常可以免费使用,但它们有很大的缺点。它们不可靠、不安全,并且可能会泄露您的 IP 地址,因此您可能根本无法访问该网站。
同样,您的学校或工作场所也可能使用代理来阻止网站,因为所有请求都必须先通过它。
有时代理站点本身可能会被列入黑名单,这是这种方法的另一个缺点。除非你有一个不为管理层所知的人,否则它可能对你有用。
使用 VPN
虚拟专用网络(virtual private network)是加密流量和通过安全连接访问互联网的最佳方式之一。
您可以获得一个很好的免费VPN来使用或使用高级VPN服务。无论哪种方式,它们都会通过阻止防火墙查看您的浏览活动来保护您。
VPN从您的设备获取传出信息,对其进行加密,以便在线窥探者无法看到您发送的内容,然后将数据发送到VPN服务器。服务器解密数据以读取您要访问的站点,然后将您带到那里。
通过这种方式,您可以安全且私密地浏览,因为所有Internet 流量都经过加密(internet traffic is encrypted)(传入或传出),因此您的学校或工作场所的防火墙或ISP永远不会知道您在网络连接上正在做什么。
但是,大多数学校或工作场所的 IT 管理员都对VPN技术不熟悉,因此他们通常会阻止(VPN)VPN(VPNs)使用的最常用端口(commonly used ports),从而使其失效。
好消息是有隐身技术的VPN(VPNs)和足够强大的系统可以绕过防火墙块,使用与主流站点相同的端口和协议。
无论您使用什么设备,您都可以获得强大的VPN,下载并安装客户端,然后开始浏览。大多数最好的VPN服务提供商都有适用于 Android 和 iOS(apps for Android and iOS)的应用程序,以及其他主要平台和设备。
将您的智能手机用作移动热点(Mobile Hotspot)
如果使用代理或VPN对您来说听起来太过分了,并且您想要一种更显眼的方式来访问您喜爱的网站而不会在学校或工作场所网络上“被看到”,请将您的智能手机变成移动热点(turn your smartphone into a mobile hotspot)。
这样,您可以随时访问您喜欢的网站。它会消耗您手机的数据,但您无需绕过防火墙和其他互联网封锁。如果有人发现您在学校或工作网络上所做的事情,它还消除了所涉及的危险。
检查您的移动运营商是否允许网络共享,然后切换到手机的互联网连接并享受您的内容。不过要小心,因为网络共享存在多种危险(several dangers to tethering),您需要先检查这些危险,然后才能将手机用作热点。
使用 SSH 隧道
通过 SSH 建立隧道的工作方式与(Tunneling over SSH)VPN几乎相同,可以安全地移动您的流量。如果您有可以远程访问的SSH服务器,请设置隧道以通过安全连接重定向流量,并绕过学校或工作场所网络上的防火墙阻止。
它仍然为您提供相同的冲浪体验,但速度稍慢,因为您没有坐在SSH服务器的位置。
使用 Tor
Tor是一种流行的网络浏览器,可让您匿名浏览(browse anonymously)。在到达可能未经审查或未经过滤的端点之前,它会通过加密网络路由您的 Web 浏览。
如果您尝试访问未加密或敏感数据,与使用 VPN 相比(compared to using a VPN),这不是绕过防火墙的最佳方法,即使它允许您绕过学校或工作场所的防火墙。
但是,即使在代理、标准VPN(VPNs)或SSH隧道不支持的情况下,它也能正常工作,但它比您通常的网页浏览要慢得多。
您应该绕过学校或工作场所的防火墙(School Or Workplace Firewall)吗?
除了被抓到并可能被停职或开除/解雇之外,违反规则还有几个危险。其他影响包括您的个人信息被盗、感染可传播到学校或办公室其他设备的令人讨厌的病毒,或者更糟糕的是,您的行为面临法律诉讼。
安装防火墙是为了确保您在线安全,而不是打扰您。在学校,它们旨在帮助促进学习,并在工作中提高生产力。在绕过防火墙块之前,请检查是否值得冒险,考虑到什么是危险的。
How To Get Around Your School Or Workplace Firewall
It’s becoming increasingly common today for sсhools or educational institutions, workplaces, and governmentѕ to block websіtes.
One of the most popular examples of such restrictions is the Great Firewall of China, which enforces internet censorship in the country to slow down cross-border internet traffic, and block access to certain foreign websites.
If you’ve come across blocked websites at your school or workplace, the management probably doesn’t want you using such sites through their ISP account – mostly to keep you from getting into the rabbit hole.
They do this using firewalls that filter web content, so students or employees can’t access any of the blacklisted websites.
Thankfully, there are a few workarounds you can use to get around a school or workplace firewall and view the sites you want.
How to Get Around a Firewall at Your School or Workplace
- Use a proxy
- Use a VPN
- Use your smartphone as a mobile hotspot
- Use a SSH Tunnel
- Use Tor
What Is a Firewall and How Does It Work?
A firewall is a hardware or software network security system that monitors incoming and outgoing traffic and blocks or allows specific traffic based on certain advanced security rules.
Most importantly, firewalls are used to validate access, manage and control network traffic, defend resources, and record or report on events among other applications.
As much as they safeguard all the computers in a particular network, they’re also annoying, especially for students or employees who can’t access their favorite social media platforms, streaming services, and other websites.
How A Firewall Blocks Websites
This is the first step in understanding why you can’t access your favorite websites, and how the tips we’ll share later in this post can help you bypass the firewall to view the sites you want.
Whenever a computer wants to access a particular web page, it creates an HTTP request, which is enclosed in a TCP packet. Next, the website’s name is identified as an IP address, and the TCP packet moves to an IP layer for the routing process.
Depending on the IP address and routing tables, the layer determines which website server the request will be sent to.
Here’s where the firewall blocks the website if it exists on the network, because the firewall operates at the IP layer, and monitors each data packet using a “wall of code” to block your device from the web.
Firewalls guard the computer’s entry point where information is exchanged between your device and the internet, so it monitors either side of the connection, and decides what goes through and what gets blocked.
Such firewalls are called packet-filtering firewalls, and are the most commonly used type, but there are others such as next-generation, proxy, stateful multilayer inspection (SMLI), and Network Address Translation (NAT) firewalls.
How to Bypass a Firewall at School or At the Workplace
Use a Proxy
A proxy server can get around your school or workplace firewall and other URL restrictions by handling all the surfing for you. It does this by going to the website on your behalf, and then displays everything from the website, while the firewall only sees the proxy’s URL.
Proxies are usually free to use, but they have major drawbacks. They’re unreliable, unsecure, and may leak your IP address, so you may not be able to access that website after all.
Similarly, your school or workplace may also be using a proxy to block the websites as all requests have to go through it first.
Sometimes the proxy site itself may be blacklisted, which is another downside with this approach. Unless you have one that’s not known to the management, it should probably work for you.
Use a VPN
A virtual private network is one of the best ways to encrypt your traffic and access the internet via a secure connection.
You can get a good free VPN to use or use a premium VPN service. Either way, they’ll protect you by keeping the firewall from seeing your browsing activity.
A VPN takes the outgoing information from your device, encrypts it so that online snoopers can’t see what you’re sending out, and then sends the data to a VPN server. The server decrypts the data to read which site you want to visit, and takes you there.
This way, you can browse securely and privately because all the internet traffic is encrypted – incoming or outgoing – so your school or workplace’s firewall, or ISP will never know what you’re doing on the network connection.
However, most school or workplace IT administrators are privy to VPN technology, so they usually block the most commonly used ports that VPNs use, rendering them ineffective.
The good news is there are VPNs with stealth technology and strong enough systems that can bypass the firewall blocks, using the same ports and protocol as mainstream sites.
No matter what device you’re using, you can get a strong VPN, download and install the client, and start browsing. Most of the best VPN service providers have apps for Android and iOS, among other major platforms and devices.
Use Your Smartphone as a Mobile Hotspot
If using a proxy or VPN sounds too much for you, and you want a more conspicuous way of accessing your favorite sites without getting “seen” on the school or workplace network, turn your smartphone into a mobile hotspot.
This way, you can visit your favorite sites any time. It consumes your phone’s data, but you’re free from the hassles of having to bypass firewalls and other internet blocks. It also removes the dangers involved if someone finds out what you’re doing on the school or work network.
Check that your mobile carrier allows tethering, and then switch to your phone’s internet connection and enjoy your content. Be careful though, as there are several dangers to tethering, which you need to check before you can use your phone as a hotspot.
Use SSH tunnel
Tunneling over SSH works almost the same way as a VPN to move your traffic securely. If you have an SSH server that you can access remotely, set up tunneling to redirect traffic via the secure connection, and bypass the firewall blocks on your school or workplace network.
It still gives you the same surfing experience but a bit slower as you’re not sitting at the SSH server’s location.
Using Tor
Tor is a popular web browser that lets you browse anonymously. It routes your web browsing via an encrypted network before getting to an endpoint that’s likely uncensored or unfiltered.
If you’re trying to access unencrypted or sensitive data, this isn’t the best method to bypass firewalls compared to using a VPN, even though it allows you to bypass your school or workplace firewall.
However, it tends to work even where proxies, standard VPNs or SSH tunnels don’t, but it’s much slower than your usual web browsing.
Should You Bypass Your School Or Workplace Firewall?
There are several dangers to breaking the rules as it were, besides getting caught in the act and possibly getting suspended or expelled/fired. Other repercussions include getting your personal information stolen, catching nasty viruses that can spread to other devices in the school or office, or even worse, facing legal action for your deeds.
Firewalls are installed to keep you safe online, not to annoy you. At school, they’re meant to help promote learning, and at work, to enhance productivity. Before you get around the firewall blocks, check if it’s worth the risk, considering what’s at stake.
