BYPASS CHINA FIREWALL
Avoiding Censorship in an Oppressed Nation
It's no easy matter avoiding the authoritative control that the Chinese government has over internet access to those who are located in mainland China
I did it! Then again, I was a Foreign Expert and they probably knew I was sneaking past that digital wall and are possibly more aware of it now since I am saying how I managed to escape their wily defenses.
The first step is to realize that the PRoC is actively monitoring VPNs. However, they cannot actively monitor all IP addresses or block them all (well, they could ... hopefully this post won't have unforeseen repercussions). All it takes is one IP address or a server that you can communicate to with the permission of the Hacking Team at the Great Firewall, and then you can use pre-existing features in the ssh protocol to essentially have unrestricted access to the internet.
Being technologically savvy does have its perks (especially when trying to combat the censorship of the PRoC).
The process is simple and the idea should be capable of being applied to Windows users by going through PuTTy, for instance.
Dynamic Port Forwarding via SSH
Nothing could be easier than logging onto any old server you have access to (I ended up proxying through matthewniemerg.com) via ssh and using dynamic port forwarding. For example, I would type the command
ssh -D 9999 [email protected]
enter the password to access the server and then change my browser settings and system preferences to allow for proxy servers. You then set the IP address to be your local machine, i.e. 127.0.0.1, and the port number the port specified in the dynamic port forwarding flag, i.e. 9999.
And voila. You are now connected to basic web browsing (http and https) through a proxy. All content is not fully routed as it is with a VPN, but for avoiding the hassle of outright censorship and basic access to content, this works rather well.
Anyway, this was how I managed to surf the internet whilst in China for 5 months. My favorite place to find proxy servers is premsocks.com. There are other configurations you can do, too, without dynamic port forwarding.
Renting a cheap server and doing this was by far more effective than anything else I tried.
I'm sure there are ways of setting up a private VPN in a similar way, once you have a server that is outside the Firewall and communicating inside of it. Point is that nearly all known VPNs are monitored...
In My Defense
What'd they expect me to do? I couldn't even access gmail in the dorms that I was staying at ... sheesh.
#firewall anonymity