I just moved into a student dorm for a semester abroad, and beforehand I emailed them asking whether they had ethernet ports to plug my router into (I use it to connect all my devices, and for WiVRn VR streaming). They confirmed that I could, but now that I’m here the wifi login portal is asking me to accept these terms from the ISP, which forbid plugging in a router. There’s another clause that forbids “Disruptive Devices” entirely, defined as:
“Disruptive Device” means any device that prevents or interferes with our provision of the 4Wireless to other customers (such as a wireless access point such as wireless routers) or any other device used by you in breach of the Acceptable Use Policy;
So what are my options? I don’t think I can use this service without accepting the terms, but also I was told by the student dorm support that I could bring a router, which contradicts this.
EDIT: some additional context:
- dorm provider is a company separate from my uni (they have an agreement but that’s it)
- ISP (ask4) is totally separate from dorm provider, and have installed a mesh network that requires an account. On account creation, there are many upsells including one for connecting more than one device. The “free” plan only allows me to sign in on a single device, and I can upgrade to two devices for 15 pounds.
- ethernet requires login too
- VR streaming requires a high performance wifi 6 network, which is why I bought this router (Archer C6 from tp-link)
psst
Hey, kid, don’t tell anyone I told you about this
*Lifts coat
You got the goods! I used an HTTP tunnel when I was in college.
I also like the idea of ptunnel
I don’t understand how that can be reliable without being extremely obvious.
Yeah, any off the shelf network intrusion software would probably immediately flag either of those based solely on the amount of traffic.
Well it would be obvious. Any decent network tool would be able to filter traffic on a port or type (ICMP, DNS, etc).
“Wonder why this kid has 2.5Gb of DNS traffic last week? That isn’t normal. Maybe we should go check it out”
The trick to staying hidden is to look like noise. And this would not be noise.
In 2014 when I was in the hospital for a week I got a visit from their IT. Seems like pushing 5 to 10 gig a day through a ssh connection triggered something. Just a gig of ICMP of any variety would trip a alarm.
Man, I wish I knew this back then. I used Google translate as a proxy. Then that was blocked, so I used babelfish’s built-in translation engine which was touch and go. This would have helped a lot lol
Does it work with DoH ?
No, this is specifically for DNS over UDP (Port 53). What you’re looking for is just an HTTPS proxy. There is no difference between a DoH connection and any other HTTPS connection.
Except on my networks all port 53 tcp/udp and port 853 for that matter are forwarded to my dns per firewall rules. I also block all encrypted dns as well as dns over https blocked. Its my dns or nothing. I also have a vpn and proxy blocklist that updates twice a day. PFblockerNG is effective when maintained.
This is a very neat tool that I’ve bookmarked for further research. But I think you’re missing the point. He doesn’t need to hide network traffic, he needs a Wifi6 router. Now maybe you could setup a router to go through this service to further obfuscate the traffic but I don’t think this alone solves his purpose.
But I’m very glad you posted it because I love learning about little tricks like this to get around overly restrictive networks.