I have an account in chatgpt but as I located in the restricted country, I tried to use AWS proxy (US server) to login chatgpt. Few weeks ago it worked but now I get an error message access denied error code 1020. I used tinyproxy in stealth mode at first but since I was unable to pass through the cloudflare, I guessed probably the proxy was not good enough to disguise itself as a proxy, so I tried squid vpn in stealth mode and algo vpn, but all did not work(Tried other AWS countries server as well other than US). Until now, I figure out chatgpt might probably just banned all connection from amazon or perhaps my proxy is just not smart enough to pass through cloudflare? What are more options? Any recommended free vpn proxy that I could installed into my AWS EC2 or perhaps I should try other less known cloud services instead? e.g. (other non-restricted country's local cloud services) Besides, I have consider using other free proxy from the internet but as I need to login my gmail, is it danger to do so but since its https so my username and password should be encrypted?
I have the same problem, simple ssh tunneling works you can use a jump server to bypass your country first and than use different server to use as proxy because some of your vps servers get banned with IP, so you may have to use another vpn with different proxy
ssh -D "port to make SOCKS 5 Connection like" <10808> -J <"user">#<"jump server IP"> <"user">#<"final server IP">
than you can use "foxyproxy" extention to build SOCKS5 proxy that uses specified port in this example 10808 to route your browser terrafic through tunnel in port 10808 to final server
or you can use something like sshuttle, but i was fine with this simple tunneling method in GFW
Related
Is there any way for me to connect to a VPN without having it use my DNS? My internet provider where im connected can only use the DNS to connect to a separate server, which then connects to the internet as the router only interacts with that server, so if I change my DNS, my connection instantly stops working.
Is there any service that connects to a server without DNS as a VPN, or even some way to set up a proxy to go to another server after it interacts with my DNS?
Tried Changing DNS, no connection using cloudflare or google DNS servers (1.1.1.1, 8.8.8.8), Hotspot Shield VPN wouldn't connect, VPN from my home network wouldn't connect.
So, your ISP allows DNS traffic only to its server. And you want to by-pass this limitation.
Solution 1: SSH Proxy
ssh -D 5000 user#host
Now, you can set your applications to use proxy on socks5://localhost:5000
You must set "Proxy DNS on socks5"
This proxy goes throught the SSH server
Of course you need SSH server somewhere to connect to.
Solution 2: DNS over HTTPS
https://en.wikipedia.org/wiki/DNS_over_HTTPS
https://manpages.ubuntu.com/manpages/bionic/man1/dnss.1.html
It should work because your DNS packages go as HTTPS packages.
Solution 3: VPN or other services like nordvpn
It should work also since packages go encrypted to the VPN.
Actually, VPN should work without your ISP DNS as long as you connect to the VPN IP address instead the hostname.
Finally
Solution 2 seems to be the only one you are able to perform without external services.
I am getting connection time out when I try to ssh to my Azure VM on a specific ISP provider, not any other ISP provider. I did notify them about this issue but they do not know what might seem to be the issue.
Also tried to create a new rule to open port 22 on windows Machine, followed all Azure troubleshooting methods, disabled my Firewall, but nothing seems to work, Only when I connect to a different ISP provider.
Please take note that the ISP through which you were trying to connect to your Azure VM over port 22 through SSH is blocked over public internet owing to various server side vulnerabilities. The vulnerabilities that the SSH server side is prone to includes Port forwarding, unauthorised SSH access, vulnerable SSH configuration, pivoting and unpatched SSH software. Along with Port 22, most ISPs also block SMB port 445 also on the public internet owing to frequent and hot instances of brute force as well as software manipulation attacks. Since, users are not known to take care or take appropriate security measures for avoiding such attacks, so the ISPs block the inbound as well as the outbound traffic on these ports overall.
You can check by connecting through some other ISP or using cell phone internet in that case as these ports are not blocked over there.
I'm trying to setup HTTPS to some of my company's web services.
Currently I have several web services sharing the same public ip address proxied by a firewall (all allowing both 80 and 443):
web1.company.net
web2.company.net
web3.company.net
and so on...
I have SSH access to these VMs only when connected to the company's VPN.
I tried setting up let's encrypt with auto renewal with 2 different docker images (and both are giving the same "error"):
jwilder/nginx-proxy + jrcs/letsencrypt-nginx-proxy-companion
https-portal
After completing the setup, if I'm connected to the VPN, the HTTPS works perfectly (I basically see the closed lock next to the link).
Whenever I disconnect the VPN connection and test the same website I get the following:
I also tried to check the certificate chains.
When I'm connected to the VPN I get the correct certificate chain:
When I'm not connected to the VPN I believe, I don't:
Any clue on what can cause this? Maybe the firewall doesn't know how to proxy the request because part of what it needs is encrypted and it doesn't know how to decrypt it? I'm a total newbie in this.
All help is appreciated and thanks in advance.
I was wondering if it's possible to host a private vpn on heroku?
My (hypothetical) use case is that let's say there's some service that's only available in Europe but I want to access it in the USA. I'd like to turn a European heroku server into a personal vpn that just allows me to access that service.
I did some research and can't find anyone else who's tried/documented this.
You basically want a proxy. So heroku forbids running an open proxy, so you should restrict use.
XIX. Operate an “open proxy” or any other form of Internet proxy service that is capable of forwarding requests to any end user or third-party-supplied Internet host;
--https://www.heroku.com/policy/aup
But technically it is possible - you might want to try it: https://github.com/Rob--W/cors-anywhere, if you want to use the browser you will need to download the headers from the server.js file
Note that this project is not intended to be used as an open proxy, so for example relative paths are not loaded properly.
You might want to try it - it might be more appropriate, I just did not try it myself ... :)
https://github.com/http-party/node-http-proxy#setup-a-basic-stand-alone-proxy-server
I have a corporate proxy using Squid and kerberos for authentication, the proxy is configured for standard use, I.E allow http, https, a few others and block everything else. Now, there are many applications that support basic proxy authentication, but do not support Kerberos based authentication and many others that connect directly to the internet. I used Proxifier before the upgrade to kerberos to make my applications use the proxy, but I cannot do so now. I then installed an application called PX to create a proxy that connects to kerberos, but the proxy it creates is a simple HTTP Proxy and proxifier doesn't work correctly with it. Anyone has a setup for a situation like this?. I use Windows 10 and I obviously don't have access to the server where squid is configured. The application I need to connect to the internet uses standard https ports, it's not a torrent application nor anything that uses the ports blocked by squid. Thanks in advance.
Ok, for this particular case I've found the following setup to solve 99% of my problems.
First get Px here https://github.com/genotrance/px
Next get Fiddler: http://www.getfiddler.com/dl/Fiddler4BetaSetup.exe
Configure PX with your user and your domain and run it. By default it creates a running proxy on 127.0.0.1:3128
Configure your sistem proxy to use the proxy supplied by PX.
Execute fiddler, it should create ANOTHER proxy at 127.0.0.1:8888
Use this proxy in your apps. Proxifier should work as well.
Why use fiddler and not the direct 127.0.0.1:3128?, PX creates a pure http proxy and fiddler allows to tunnel https and connect request through it.
Any requests will pass through fiddler which will redirect them to the PX proxy which will redirect them to the squid proxy (So expect very slow speeds).
In the end since you're just redirecting your apps towards your proxy, if your proxy bans using regex expressions or direct IP connections some apps will NOT work, and in these cases using TOR or a VPN is the only real solution. Hope it helps someone avoid all the headaches I went through.