Ok,

In school, we have a totally dumb content blocking system, which is easily circumvented (port tunneling over ssh, hidden as https), but is simply annoying.

I did some research on the system, and i came up with a link describing its features.
http://www.nwtechusa.com/8e6/features.html

This advertises: "Avoid latency and general network slow-down with "pass--by" filtering (R3000 never touches a packet)."
http://www.8e6.com/products/R3000/pd_r3000_how.htm

That explains this behavior: when browsing the net, the page partially opens and then redirects (almost in no-time) to a page stating "content blocked....". When you hit the back butten, it doesn't work, because the previous page is redirecting me to the currently viewed page. When you try to wget a blocked page, all it shows is the page stating that the site/page is blocked.

Question:
should this mean that there is an easier way to bypass it without having to create the tunnel through the firewall / blocker?

I bet i could do some dumb dos stuff to it, but that's too lame. Is there somthing you can think of??

I think sniffing traffic to and from the content blocker system, checking for passwords, would 1) be impractical due to the extreme bandwidth of, i think an oc-3 or above, and 2) If i get caught, i'd be going straight to jail for sealing passwords for everything -- which i obviously don;t want.

The public proxy stuff doesn't work anymore, because only ports 110 25 443 80 and the one for dns is open (outbound), everything inbound except 80 is totally dead!

PS: it's not hacking: the teachers all welcome me removing the blocker from their computers and the student computer. There is no way that the blocker could be disabled or changed by the network administrator (who also uses my method of getting abound it using tunnels), because it is at the district level (for over 100 schools, including elementaries and others, where the filtering would be appropriat), and the district would never, ever change its policies on newly purchrased equippment, and call it unneeded.

Hehehe... this is a funny one.

Why don't you try accessing a page by it's IP address instead of the name?

Tried this -- It doesn't work. This machine checks the data send back form the site to the client (me) for blocked words in the html. If there is any "bad" word in there, it blocks it. It is very seldom based on the domain name.

Then, the only idea I get is to get a VPN connection to the outside. You can setup a VPN server on your home computer and connect from school to it. By using VPN tunneling, the filter shouldn't be able to inspect the packets going through.

that's basically what i am doing right now: port tunneling over ssh.
vpn would not be practical, due to the huge ammount of computers on campus and the traffic they would spam the small connection with.

The only problem: bandwidth. That's why i was looking for a better way around this annoyance...

can you think of anything else???