Thanks for your comments and suggestions A1ia5.
Unfortunately ALL of the links enclosed in your PM are blocked here; I have zero administrative right to download and install any software ( so I can't install either Tor or Firefox ); and I still can't find a single proxy site which is accessible either.
It is also impossible to access any system properties ( not even the Control Panel is accessible ), so there is no question of setting up any ports for access to anything.
BTW, just in case it amuses you, one of the things that seem blocked is my own username ! I couldn't access it because of the thread title that Mikael gave to it !
I tried for 10 minutes to open this thread to reply to you, but was blocked on every attempt. It was only when I thought of going through the recent posts thread, and clicking on 'Reply', that I got a dialogue box to open for me. After I had written my reply I was later able to modify it to include your quote at the head.
But that was 15 minutes that was a sheer waste of time.
I am not familiar with your term 'Whitelist', but whatever they are using is probably more effective than the Chinese authorities employed !
Whitelist is a list of whatever they allow - be it websites, ip addresses, protocols, keywords, and so on. From your communication it does not appear to be the case.
Conversely, a blacklist is a list of things to disallow. Thailand operates a blacklist of sites, ip addresses etc. China operates a whitelist. It appears your library uses a blacklist.
Your response is no surprise. Acquiring the tools to circumvent their access restrictions should be difficult on the target. Typically it is difficult to get the tools and experience within the target environment.
So how could you get it to work then ?
There are some alternative ways, but you would need to know something about the network and access control software (ACS). There is likely to be vulnerabilities in the ACS. Good sites like
http://www.milw0rm.com/ are a basis for exploration. Another challenge you have is executing and installing the tools on the target. There are several ways to do this in a locked down environment. Again, your reconnaissance and web search skills will be required here. I particularly like the fact that an exe can have its extension changed and still be executable. For e.g foo.exe becomes foo.scr - this is the extension for screen savers and was used a lot some years ago for email based propagation of malware. A .scr file should be executed. Again, there are no guarantees here as your target may well have a whitelist of allowed executable images. However, in large public usage this is unusual. More often, there is a standard image for the workstations that is refreshed overnight. So if you leave an important file on the hard drive and go back the following day, it may well be very difficult to get your important file back without doing some serious forensics and data recovery - Yes it is possible to get files back even the physical sectors they occupied have been written over - it is achieved by reading between the tracks. So to make sure your files are truly irrecoverable on most forms of media it is necessary to overwrite them in excess of 30 times !! Of course you should always consider the cost/benefit ratio.
Perhaps this could be a turning point in your internet access. Netbooks (Small Cheap Computers - SCC) are tremendous. Many pubs and several McDonalds now offer free WiFi. The local Wetherspoons has WiFi and you can buy soft drinks for 15-20p a glass. Plus there are many electrical sockets available. With the right aerial it is surprising what WiFi access points you can pick up.
Interesting, not amusing, to note is the behavior on your username. This demonstrates that the content is being checked for keywords. I would suggest that an https version of the forum is made available and this will overcome the analysis and filtering of content - unless it is actually being conducted on the local workstation. If that is the case, then it is a significant intrusion of your privacy and means the library are potentially recording details about you. What they record of course depends on what websites you access. As I know you are a Google mail user, I would suggest enabling the secure access option in the GMail control panel.
On a personal note, I find this a great challenge and like to see what countries and organizations do to control their people's access.
Good luck and there always is a solution...
