*** Asylum Information - Firewalls ***
Riggwelter's guide to mudding through a firewall
================================================
It's the ultimate nightmare: you've started a new job only to discover
that some over-zealous network admin, or more likely a pimply-faced CTO
has configured the firewall in such a way as to block your access to
your favorite MUD!
So, what are you going to do? Are you just going to sit there and
accept that fact? Of course not! So here it is, Riggwelter's complete
guide to accessing Asylum through an Anti-MUD firewall.
Please note that following these instructions, and getting caught may
result in a loss of employment.
Although the options are listed in a recommended order for testing, mudders
should obviously use the option which works best for them.
Your first option for accessing Asylum is to go through your company's
web cache server. Nearly all companies have these now, and a lot of
them are permitted to access anything. This may not work with Microsoft
Proxy as that does weird authentication stuff, but the most popular
cache server out there is Squid, and this works fine with it. The added
advantage is that doing this will normally not appear in the Squid
server's logs.
A quick and easy way to test that you can do this is to telnet to the
cache server, you can find out what the name and port number of the
server are from your browser settings, let's assume for now that it's
called webcache, and it runs on port 8080. Start a telnet session to
webcache, port 8080 and when it's established type the following as
quickly as possible, before the connection times out:
CONNECT asylum-mud.org:6715 HTTP/1.1
Host = asylum-mud.org:6715
(You need a double-return after the Host line)
If your cache server can get to Asylum, you will shortly be presented
with the familiar login screen.
You now have a choice, either do that every time you want to access
Asylum, or use a MUD client that supports HTTP proxies. The only client
I'm aware of that supports them is called Papaya, and it's available as
binaries for Linux and Windows from http://www.gtk-papaya.org. Its
source should compile on most other UNIX based systems, including MacOS X.
It's also a well featured MUD client in other areas, and well worth a
look.
Alternatively, if your employer provides a SOCKS4 or SOCKS5 proxy, Papaya
can also use them to get through the firewall.
Option number two is open to you if the firewall allows outgoing telnet
connections on the standard telnet port (23). Either use telnet, or
your favorite MUD client to connect to www.asylum-mud.org:23. The www.
is required, as this service does not run directly on the main Asylum
server, but on the web server, which then proxies the connection to the
main server. This method is suggested as a second option rather than
first choice as the connection is slowed by the fact that Asylum's main
server is the UK while the webserver is in the USA, so there is network
latency between them. Clearly this is less of an issue for mudders logging
on from the USA in the first place.
Your third option comes into play if the firewall at your workplace
even prevents the cache servers from accessing non-standard web ports,
it's slightly more involved and requires some technical know-how, but
it's well worth it.
You'll need to have a broadband internet connection, either ADSL or
cable, and a computer attached to it that you can remotely log in to.
This is most likely going to be a Linux or BSD server, but it would work
with a Windows machine with Cygwin installed too. The method of logging
in should ideally be Secure Shell (ssh) to minimise the chances of your
machine being compromised, and you'll want to have some sort of effective
firewall in place.
Most broadband connections use dynamically assigned IP addresses, so use
a service like DynDNS (dyndns.org) to set up a hostname for you to
connect to.
Now here's where it gets really sneaky. If the firewall prevents you
from using ssh on it's standard port (22) try running the ssh service on
a different port. It's possible that either port 21 or 23 (ftp and
telnet respectively) may be open, so try those.
Having connected to your machine, you can then telnet to Asylum.
If all the above options fail, then short of sleeping with the network
administrator, you may have to resign yourself to working while you're
at work. Sorry about that, but that's the way it is.