Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Firewall Traversal for Macs?

Cliff posted about 14 years ago | from the getting-out-from-behind-the-data-dam dept.

News 12

TexTex asks: "I find myself lacking in many of the joys of the internet while at work, largely because of a particularly effective firewall. While it works great at keeping stuff out, it also keeps me in. FTP and HTTP proxies are the only available exit (no SOCKS). Also, I'm using a Mac so firewall support on many of the apps are not as flexible as I'd like. Napster, Gntuella, and Quicktime streams are unavailable (not to mention all those swell Yahoo internet games). Any ideas how a lone Mac user can escape from the inside?"

Sorry! There are no comments related to the filter you selected.

ZDNet Alternatip on Firewalls (2)

Prolog-X (233570) | about 14 years ago | (#752258)

ZD's Firewalls Alternatip [] might be useful. Hope this helps.

Well.... (1)

glitch_ (48803) | about 14 years ago | (#752259)

Does everybody else have access out? Is this one of those MSProxy's? If other people don't have access out, then I'm afraid I can't help simply because of the fact that you are on an equal plane as everyone else. But, if it is an MSProxy, you can install the proxy client for the mac. You will be able to have almost seemless internet access.

HTTP IP Tunnel (1)

mini me (132455) | about 14 years ago | (#752260)

I don't know much about a Mac's networking ablities but isn't there a header that will allow you to access the outside through HTTP even if it's not a HTTP request? I forget what it was, maybe I'm thinking of something else even?

Failing that, how about PPP over HTTP? You could setup a server outside of the firewall and set PPP over POST requests. Could that not be done with a bit of hacking? If it cannot be done on the Mac could it be done in Linux? You could always install Linux on your computer.

Like I said I don't know much about the TCP/IP stack on the Mac or Linux, for that matter, so this might not even be possible.

Quicktime can pierce firewalls (1)

ptbrown (79745) | about 14 years ago | (#752261)

At least, version 4.1 can. In the transport section of the QT cpanel you can tell it to use TCP port 80 (HTTP),instead of the usual UDP 5970-5999 (RTSP). If you need QT 4.1, go to to get the stand-alone installer instead of the annoying internet-based installer. (It's about 8M)

For other means of getting through, you could ask around for a shell account that you can connect to via port 80. (Preferably with SSH.)

Boy, I would sure love to be hired to play Yahoo games and trade MP3s all day. Wait, you mean that's not what you've been hired to do? ;-)

Re:Here's a nickel, kid. (1)

iMMersE (226214) | about 14 years ago | (#752262)

Why the hell was this moderated down? It's a valid point.


Napster (1)

ilschiz (222945) | about 14 years ago | (#752263)

I dont know about the mac.. but doesn't the napster client allow u to select a data port?
wonder if u could just set that to 80 and have things work... worth a shot

Re:Quicktime can pierce firewalls (1)

Stinking Pig (45860) | about 14 years ago | (#752264)

That won't help with a proxy.

Go to the source of the problem (2)

maggard (5579) | about 14 years ago | (#752265)

Your issue seems to be your employer has limited your access to the internet. Unless you've left something out of your message it's irrelevant whater or not you're on a Mac.

As I see it you have four choices:

  1. Accept that your employer has made a decision about how they want their computers on their network used by their employees on time they're paying for to use their internet connection.
  2. Speak to your Manager, IS Administrator, whomever is appropriate and request greater access. Be prepared to provide a business-relatad justification for the greater access.
  3. Try and get around the policies that have been established, run various applications through non-standard ports etc. and generally subvert your employers policies. Don't be suprised the day someone twigs what you're attempting to pull and you find yourself abruptly terminated for cause.
  4. Leave the company for someplace with policies more to your liking. Frankly if getting unfettered 'net access during working hours is so critical to you I'd worry about loosing perspective but hey, it's your call. I just wouldn't try to explain to a potential employer that you left your previous job for this reason...

Hold on there sparky... (2)

heliocentric (74613) | about 14 years ago | (#752266)

I work at a company where we keep the firewall pretty tight (and we just loosened it to allow outbound telnet - something I thought I'd never see) as well as take other security issues in mind (we consider running non-standard/non-supported software a security risk). Have you consulted your company's Internet usage guideline? I know for a fact our specificaly limits all non-work related computer use to surfing the web during lunch and nothing else is permitted. You might want to consider that someone put that firewall there so you can't do these activities for a reason - they don't want you to. Now, I'm the first person to complain about these rules, but it's not my job to stand up and get my head cut off I just enforce policy and go home. They own the machines, the CAT5, the routers, and pay for the Internet hookup. Like it or not, they have the right to say what you can and can not do with their property. Don't like it - quit - it's a lot nicer than getting fired...

Re:Here's a nickel, kid. (1)

toast0 (63707) | about 14 years ago | (#752267)

it wasn't moderated down

AC posts start at 0

if it were moderated down, it'd be at -1

*smacks you*

Re:Here's a nickel, kid. (1)

iMMersE (226214) | about 14 years ago | (#752268)

OK, OK, I'm a dick!


Re:HTTP IP Tunnel (1)

Evil Grinn (223934) | about 14 years ago | (#752269)

Failing that, how about PPP over HTTP? You could setup a server outside of the firewall and set PPP over POST requests. Could that not be done with a bit of hacking?

Yes. See [] .

This appears to be for Linux, btw.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?