display | more...
A peice of censorware used by many schools. Easily defeated (as is most censorware) with a simple proxy server like the one at http://www.anonymizer.com.

More recent versions of it have been able to defeat the above system by implementing a system known as DDR. See my writeup there for more information.

Our school has just installed Igear, and it is truly stupid. Check out peacefire.org - it has a section on Igear which lists reasons why it is not good. For example, someone managed to decrypt part of the Igear blocked sites list and test the URLs contained within. It turned out that Igear has a SEVENTY SIX PERCENT FALSE POSITIVE RATE! Of course, if you are currently behind an Igear firewall then, predictably, you can't: the site is listed in all of Igear's blocked site lists - egames, shopping, crime, hate, gambling, news, sex/* and so on.

Anyway, some practical advice: Since it's installed on your network's gateway, there's not much you can do about bypassing Igear unless you have access to the server it's installed on. If you can find an Anonymizer clone that isn't on Igear's list then you can surf unrestricted - until it is discovered by your IT department and added to the list.

Technically, if you have access to an authoritative nameserver then you could add a record pointing to the IP address of the site you want to visit, and then specify the IP only in your web browser; Igear would then look the IP address up and find your bogus hostname, which of course won't be on their lists. This not a practical solution.

Finally, if Igear refuses to download files because of a "blocked file extension" then all you have to do is append a question mark and a random string to the end of the filename. For example, to download HOT-PRON.mpg just request "http://server.com/HOT-PRON.mpg?igearisapieceofshite" and Igear will let you. Why? Because Symantec's programmers obviously have no idea how the World Wide Web actually associates files with their appropriate types.

UPDATE: My school appears to have upgraded the software so that the querystring trick with the question mark no longer works. We got around it by creating a simple proxy on a friend's Win2k system, and requesting <http://likeidtellyoutheaddress.com/pa.asp?http://somesite.com/hotpron.mpg?somesecurityhuh>.

We also installed ngrep on a machine in a computer room. The results were most illuminating: our school uses repeaters rather than switches. Not particularly interesting, until you realise that to log into Igear you have to enter your domain username and password which are transmitted to the server in plain text. We ran ngrep in the background, listening to all traffic for i_server:8002, piping its results through grep and into a large text file. The result was two lovely columns of usernames and passwords.

My experience with iGear, and some tips and tricks:

iGear will block a substantial portion of E2, if you're using the URL everything2.com (without the www.). You can login, get the main page, and use the Search box at the top of the page. You can vote and use the chatterbox.

What you CAN'T do is click on hardlinks, you must go and type them into the search box. Softlinks work, but you need to erase the "index.pl" part of the URL, between the / and the ?. You can't create or cool a node without erasing the "index.pl" , and you can't click on a finding in the writeup, you must go back and type the whole thing in at the top.

If you type in the name of the superdoc, like Message Inbox or Node Heaven, you'll go to it, but none of the subpages without erasing the "index.pl" part. Sucks.

I discovered a few things. First, Safeweb is dead and gone, so you're forced into reading E2 straight. What you can do is erase the "index.pl" part of the URL, to get to the page. Also take off the "&lastnode_id=" part of the URL.

Going directly to a link, such as http://www.everything2.com/index.pl?node=Mr+Rogers don't work. Instead, go to the main page, and type it in the Search box. Or use the node_id, like so: http://www.everything2.com/?node_id=624964

The program is still futile in some ways. If you use a program like the dialecticizer(www.rinkworks.com/dialect), or babelfish(bebelfish.altavista.com), you can grab the text from a page, as it's being redirected through a server.

You could use one of E2's alternate URLs, like http://www.everything2.com, http://everything2.com, http://www.everything2.org

My school blocked the first one, but the other ones worked fine.

One Warning: Copy your nodes before submitting them. iGear has this very unplesant bug where you spend an hour on a w/u, hit sumbit, and...you're thrown back to the login screen. AARGH!! Happened twice to me, lost whole pages.

Log in or register to write something here or to contact authors.