Как обойти ограниченный доступ к интернету, предоставляемому бесплатным интернет-провайдером?

642
user466226

Некоторая компания предложила бесплатный Wi-Fi сервис в нашем районе.
Я могу пропинговать Google из командной строки, но не могу получить доступ ни к какому веб-сайту, кроме их собственного и некоторых ссылок, которые они предоставили.
Я использую Windows 7
Есть ли способ обойти это и разрешить мне бесплатный доступ в интернет?

-3
Вам, вероятно, нужно зарегистрироваться. Большинство стран настаивают на этом, чтобы интернет-провайдер знал, кто использует их сеть, из соображений безопасности. Вы должны _не_ пытаться обойти это. AFH 9 лет назад 0

1 ответ на вопрос

2
MariusMatutiae

It depends on how thorough they have been in setting up this captive portal. In line of principle, they may have made it quite safe.

If, however, they have been less than thorough (or paranoid, if you like), it is possible that one or more known techniques to evade the portal work. You can find more info on this Wikipediia page.

The first possibility is using a VPN: traffic is encrypted, including DNS requests (if you have set it up properly!), and, if they base their redirection upon either DNS-hijacking or port-identification, you are good to go (some VPNs like OpenVPN can work on port 443/TCP, which is hardly ever blocked by captive portals).

Then there are two more techniques which are worth trying: dnscrypt and IP over DNS (please notice: while there is only version of dnscrypt, there are many of IP-over-DNS, the link is to just one of those apps, you may find more by Googling around).

dnscrypt moves DNS requests to unusual ports, and encrypts DNS requests. This will be thoroughly effective (trust me) if they are basing their redirection policy on identifying DNS requests. This is generally done because it is far lighter than examining every packet. DNS packet identification can be done on the basis of port or protocol, but encryption bypasses both of them.

If DNS traffic is instead free IP-over-DNS is a way to encapsulate normal IP packets into DNS requests, send them to a properly set-up server which de-encapsulates them and sends them on to their proper destination; the frielndly server will then encapsulate the reply. It is often fine, effective and slooow. But it can be better than anything.

On the other hand, those who have set up the captive portal may have: dropped traffic to all ports except to 80 and 443, re-directed DNS requests to their own server which dishes out its own IP address every time a request is made for an un-sanctioned site, have provided their own DNS resolutions for all sites approved, and decided to DROP all other traffic. In this case, you are securely shut off, sorry.

Похожие вопросы