There will be no more updates to this tutorial, many links are not working anymore..
I moved all the content to the "Internet censorship wiki" at
Please continue with that link and update your bookmarks.
However I do not plan to remove this tutorial from the Internet.
I am looking forward for your participation!
      Thanks, Freerk

Check out the free book "How to bypass Internet censorship"!

English - Español - Deutsch (translations welcome!)

HOWTO bypass Internet Censorship

Freerk <> (write in English, German or Spanish), last updated 2010-04-07
A tutorial on how to bypass Internet Censorship using Proxies, Shells, JAP e.t.c. Different ways to beat the filtering in schools, countries or companies (blocked ports e.t.c). This is the original and so newer than the translations because I'm still working on it.

1. Introduction

2. Possible weaknesses

3. Different kinds of censorship

4. Different ways to bypass censorship

5. Howto publish information

6. Appendix

back to top

1. Introduction

  • 1.1 About Internet censorship

  • In the last 10 years the Internet grew very, very fast. It is a bunch of thousands of little networks put together. Billion computers are connected and it is basically not controlled or even owned by a government or company. There are no laws, everybody can put his webpages online which can be accessed by everybody on the world who is sitting in front of a computer with Internet access. I believe that this can and will change the world as we know it today.
    But there are several governments who think that this unlimited access to information is dangerous for their citizens. These are for example Saudi Arabia, Bahrain, Cuba, Jordan, Tunisia, Burma, Singapore, Uzbekistan, Yemen, Kuwait, Vietnam, Syria, Iran, United Arab Emirates and parts of Africa. And even in countries like Australia, Switzerland and in some parts of Germany they censor websites. This ranks from a very easy to circumvent DNS blocking of only 2 Nazi sites in parts of Germany to a government office with 30.000 employees only working in blocking thousands of websites, services and ports in China.
    Though the blocking methods are different there are also different ways to bypass them. I will try to show you how to access the website of Amnesty International, BBC, Google and other blocked sites in your country. I made this website in very basic HTML, so that you can even view it with a very old computer. Please share this information, link the site, copy it, mirror it, print it (I didn't "hide" any links, so that no link is lost when you print it) and teach your friends and relatives!

    More info:

  • 1.2 My reasons for writing this

  • Well, I'm living in Germany, which is not very famous for it's censoring. But the local government from one of the 16 German states (NRW) tries to introduce censorship by blocking 2 US Nazi sites. Sure, I really don't like those guys but in my opinion no government or even a system administrator has the right to choose which information a individual have access to. What websites are next? Who chooses which websites will be blocked? Additionally, my school blocks some websites and so I became interesting in this topic.

  • 1.3 How to get this file

  • As you are reading this you actually found this file somewhere. The most updated version you can get here:

    European mirror: - (Lambdanet - Erfurt, Germany)
    American mirror: - (University of Toronto - Toronto, Canada)
    Asian/Pacific mirror: - (Orcon ISP - Auckland, New Zealand)

    SSL mirror: (Netfirms, Toronto, Canada) and
    Dynamic IP mirror: (Road Runner Cable - Tampa, FL, USA)

    eMail autoresponder: (just send an empty email, you will instantly get this text as plain HTML in return)

    Google Cache: - (maybe some days old)

  • 1.4 License

    Permission is hereby granted, free of charge, to any person obtaining a copy of this document, to deal with this document without restriction, including without limitation the rights to use, copy, modify, translate, merge, publish, distribute, and/or sell copies of the document, and to permit persons to whom the document is furnished to do so, provided that the author (Freerk) and at least two mirror server of the original text (see: 1.3 How to get this file) appear in all copies of the document.

    Basicaly this means that you can do anything with this text as long as you mention my name and a way to obtain this original file. First I wanted to publish this paper under the GNU Free Documentation License ( but I think the licence is to restrictive and complicated (see also: Why You Shouldn't Use the GNU FDL - So I made up my own one based on the X11 licence (

  • back to top

    2. Possible weaknesses

    You have to choose to bypass the Internet censorship or not. I only show you how to do it, I can't take any responsibility. In several censor countries you will go to jail if they catch you, in a lot of companies you will get fired and some schools will ban you.
    Of course the censors not only block Internet traffic, they are also looking at it (in countries/companies with a little Internet population) and try to find out who is bypassing their firewall how. An easy way to find out who (and how) is bypassing the firewall is by just looking for some identicators in the logfiles:

    Try to avoid getting caught this way!

    Please note that the proxies on my website are not checked/verified. It could be that a censoring government run those proxies just to check who is accessing which blocked information. Maybe some of them are also maintained by hackers that can examine every piece of information that passes their servers (your credit card information, for example). So carefuly choose the server you connect to and even think twice if you use them to transfer private data.

    More infos:

    back to top

    3. Different kinds of censorship

    There are many different ways to censor Internet traffic. Sometimes there are 2 or more combined. Please write me at and let me know which blocking methods are used in your country, which ISP you are you using, and the bypass method you used to bypass it: It would be very useful for other users!

    More info:

  • 3.1 Blocked URL's via the DNS-server

  • This example is used by some German providers. It is a very cheap and easy censoring method and the same is true for bypassing it. First, I will explain what the Domain Name System is: Every computer on the Internet has an unique address, a little bit like a telephone number. These are 4 numbers from 0 to 255 separated with a dot. For example: is the IP address for Because remembering such a number is very difficult, the DNS was invented. This service maps a URL to its IP address. If you type into your browser, the request is sent to the DNS-server that was automatically given to you by your ISP on dialing into the Internet. A lot of addresses are already cached, so the DNS-server sends the IP address for the URL back to you. If the DNS-server has no cached information on the site requested by you, he asks one of the 13 root servers, which know all addresses. If the DNS-server from your provider is censoring, he just refuse to send you the real IP-address. He sends you nothing or a page from a "sorry" website.

    More info:

  • 3.2 Forced proxy server / transparent proxy

  • You have to specify a proxy server in your 'Internet Explorer' settings in order to get a connection to the Internet. Sometimes, the ISP is using a transparent proxy. With these you can't see easily if there is a proxy or not. Every request you send to or receive from the Internet is checked at this server and redirected to you (well, or not...).

  • 3.3 Keyword filter

  • This means that all Internet traffic goes through the servers of the censor, who is scanning the content for 'bad words'. This dynamic filtering is true for most filters in schools, libraries and companies. If the site contains bad words it is blocked. The person who is offering the blocked information could prevent the censoring by "hide" the content inside of images. For the user there is almost no difference, but it is difficult for a computer program to "read" the text inside an image. Also SSL encrypted traffic (a URL starting with https://...) can't be scanned easily. You can test which keywords are blocked on your connection on there you can enter the keyword(s) you want to test an click on "send" when you get the message "You entered [your word here]" in return everything is fine, but if you get an error message you know which words are blocked.

  • 3.4 Blocked ports

  • Ports are like doors for a special service to a server or PC. They rank from 0 to 65535. The standard ports are from 0 to 1024, these are the well known ports. The official list you can get under and a description on If a censor blocks a port, every traffic on this port is dropped, so its useless for you. Most censors blocks the ports 80, 1080, 3128 and 8080, because these are the common proxy ports. Because all of the proxies on common ports are useless for you, you have to find proxies that are listening on an uncommon port. These are very difficult to find.
    You can easily test which ports are blocked on your connection. Just open the DOS-prompt, type telnet 80 and hit enter. The number is the port you want to test. If you get some weird symbols in return everything is ok, if it says "timeout" or something similar, that port is blocked by your ISP. Here are the most important ports for us:

    20+21 - FTP (file transfer)
    22 - SSH (secure remote access)
    23 - telnet (remote access) and also Wingates (special kind of proxies)
    25 - SMTP (send email)
    53 - DNS (resolves an URL to an IP)
    80 - HTTP (normal web browsing) and also a proxy
    110 - POP3 (receive email)
    443 - SSL (secure HTTPS connections)
    1080 - Socks proxy
    3128 - Squid proxy
    8000 - Junkbuster proxy
    8080 - a proxy

  • 3.5 Censorware on the client (child protection e.t.c)

  • Normally the censorship is implemented on servers from the ISP or government, but in some schools, private homes and some companies the blocking software is installed on every PC.

    More info:

  • 3.5.1 NetNanny

  • More info:

  • 3.5.2 CyberSitter

  • More info:

  • 3.5.3 AOL Parental Control

  • More info:

  • 3.5.4 CyberPatrol

  • More info:

  • 3.5.5. SurfControl

  • More info:


  • 3.6 Censorware on the server (inside of networks)

    These are programs that are mostly installed on servers in schools, libraries, companies or countries with a little Internet population.

  • 3.6.1 Bess/N2H2

    Bess is a proxy filter that is often used in schools/universities and companies. It can easily bypassed with Webproxies.

    More info:

  • 3.6.2 DansGuardian

    It's an Open Source Webfilter. Free for non-commercial use and thus it is widely used in universities, schools and libraries. It works as a Proxy with URL and keyword filtering (and also with the PICS-Standard). It's often used on an IPCop machine, however, the author at DansGuardian doesn't like it.

    More Info:

  • 3.6.3 WebSense

    More Info:

  • 3.6.4 WebWasher

    More Info:

  • 3.6.5 SmartFilter

  • More Info:

  • 3.6.6 squidGuard

    More Info:

  • 3.6.7 new_new


  • 3.7 Whitelist

  • Most Internet filters works with a blacklist, which means that access to all sites is allowed, except some special sites (well, sometimes there are a lot of exceptions...). A whitelist works the other way around: Access to all sites is blocked, except some special ones. For a normal ISP it is almost impossible to offer - because the Internet is nearly worthless. The whitelist scheme is used by free Internet terminals that are sponsored by a company which allows users the free access to their e-commerce site. This filter scheme is the most difficult to circumvent.
    Some time ago, there was a German ISP who had a completely free 0800-dial in number. Once you dialed in, you only could surf to and about 10 more e-commerce sites. But you could also connect to the other customers of the ISP. So somebody with a flatrate connected to both his normal ISP and the 0800-free ISP and set up a proxy. So all the users of the free ISP could use that proxy to connect to other sites.

    More info:

  • 3.8 IP blocking on the routers


    back to top

    4. Different ways to bypass censorship

    Since you can't directly access a server that is blocked you have to send the request to a non blocked server which redirects the traffic to the real site you want to visit. There are different types of these "gatekeepers".

  • 4.1 Using a different ISP

  • Well, it's as easy as it sounds: Just change your Internet Service Provider! For example, only in 'Nordrhein-Westfalen' (a state of Germany) is there a censoring firewall, so you can just subscribe to an ISP outside that state. But normally the censorship counts for all the country. One possibility is to try out an ISP outside the country. That costs a lot, but that way you will have a normal Internet access and won't have to worry about getting around filters. This could be a normal dialup provider in an neighbor country or even better, a 2-way Internet access via satellite like,,,,,,,,,,, and so on, just search with a search engine for '2-way Internet via satellite [your country or neighbor country]' or something like that.


  • 4.2 Using a non censoring DNS-server

  • Normally, you would automatically would use the DNS-server of your ISP to resolve domain names like to Internally, only these IP-addresses are used to send/receive data on the Internet. If your DNS-server is censoring, you simply can use another DNS-server. Under Windows, just right-click in your system panel on the 'network' icon and select properties of the TCP/IP-protocol. In Linux you have to edit the '/etc/resolv.conf' file. Use the server that is (virtual) your nearest. If you want to setup your own DNS-server use Bind ( The list of the 13 official root servers is located here: For redundancy, it would be good to ad the alternative root servers located in Europe from ORSN:

    Non censoring DNS-Servers: - (Frankfurt, Germany) - (Hildesheim, Germany) - (Alfter-Impekoven, Germany) - (Stockholm, Sweden) - (Leuven, Belgium) - (Belvaux, Luxembourg) - (Zurich, Switzerland) - (Barcelona, Spain) - (Vatican City, Italy) - (Nice, France) - (London, UK) - (Athens, Greece) - (Tunis, Tunisia) - (Moscow, Russia) - (College Park, MD, USA) - (Berkeley, CA, USA) - (Ottawa, Canada) - (Sao Paulo, Brasil) - (Santiago, Chile) - (Guatemala, Guatemala) - (Buenos Aires, Argentina) - (Mexico City, Mexico) - (Osaka, Japan) - (Taipei, Taiwan) - (Wellington, New Zealand) - (Melbourne, Australia)

    It's also possible to act as a manual DNS server by yourself. Just use the ping or traceroute service on a non censoring machine to get the IP of your desired server. Then use the IP instead of the URL in your browser. You will always get an IP, but it won't work every time to access the website via the IP, because a lot of webhosters host up to 500 or more websites on one server with one IP. But it will work fine with bigger websites. - Rotterdam, Netherlands (JAVA VISUALROUTE) - Hanau, Germany (HTTPS encrypted) - About 1000 public ping/traceroute gateways sorted by country

    More info:

  • 4.3 Using a non censoring proxy server

  • You can put a proxy server between your Internet connection and the site you want to visit. You send your request for a special website to that proxy server, which request the page from the Internet and deliver it to you. Normally, those servers cache the requested pages, so that on the next request he can deliver the page directly from the cache. That would be faster and cheaper. We use those servers to bypass censorship. For the eyes/computers of our ISP/Government we are only connecting to the proxy, they can't easily see, that we are connecting to a "bad site". But sometimes the standard proxy ports (80, 1080, 3128 and 8080) are blocked. In that case you have to use the proxies that are listening on an uncommon port.

    More info:

  • 4.3.1 Standard proxy

  • Standard Proxies can be found everywhere on the net. Almost every provider offer a proxy for their customers. Here are a few, it's in the widely spread "hostname:port" format. These proxies are mostly not anonymous!

    Planetlab CoDeeN Project ( - Very fast, you can also use them on port 3127. No POST allowed, so you can only view/download webpages and use simple forms that use the GET method (like search engines) but you can not use bigger forms that use POST (like buy stuff at Amazon)).

  • 4.3.2 Uncommon port proxy

  • Due to the fact that several censors block the common proxy ports (80, 1080, 3128 and 8080) to prevent circumvention you have to use proxies that are listening on a uncommon port. For example 8000 for the Junkbuster proxy or 6588 for the AnalogX proxy. You get a weekly updated list of Proxies that are listening on a non standard port here:

  • 4.3.3 Socks proxy

  • More info:

  • 4.3.4 Set up an own proxy server

  • More info:

  • 4.3.5 Special proxy / tunnel tools


  • JAP
  • JAP is an free and open source anonymity tool invented by a German university. It sends your traffic encrypted through different mixes, so that absolutely nobody, not even the owner of on of the mixes know who is accessing which site. This is also on of the best tools to circumvent censorship. Just follow the installation instructions on or on installing the Java client (available for Windows, Unix, Linux, OS/2, Macintosh and others). Here is a list of the included servers and on which port they are connecting to:

    The InfoService -

    Dresden-Dresden -
    Dresden-ULD -
    New York-Berlin-Dresden -
    Regensburg-HU/IWI - in: --- out: []

    Not working at the moment:
    Dresden-Luebeck - xx:9544
    Luebeck-Berlin-Dresden -

  • Httport

  • Localproxy

  • HttpTunnel

  • Hopster

    Hopster is a commercial tool to circumvent firewalls in schools, companies e.t.c. The free version is only limited to a 4kb/s transfer rate (speed of a 56k modem). Just download the <1 MB Setup file and install it. It will test your connection/firewall and then configure everything automatically. Unlimited version costs 2 or 5 dollar a month.

    More info:

  • 4.3.6 Wingates

  • More info:

  • 4.3.7 Using a Shell

    More info:

  • 4.4 Using a Web-2-phone service

    This are services which you dial into with a normal telephone. Then you request the website you want to visit and the operator/computer voice then reads the content to you.

    More info: (a german Satire project. It is not working!)

  • 4.5 Using a webproxy

  • Webproxies are CGI-scripts that you access with your browser. The CGI script then opens a different URL (Internetaddress). So your firewall thinks you are only connecting to the server with the CGI-script. The addresses under 4.5.4 are not really meant as proxies. They act as translators, html-checkers or as a web archive. You can use them as a kind of proxy anyway. These webproxies are good instruments for "quick 'n dirty" bypassing. You don't have to configure your browser or anything, but it's kind of slow and won't work with all webpages. Only the proxies that are going over a secure connection can be used for phrase filtering, but the others are perfect for URL/IP filtering. Use them in your school, company or library when you have no privileges to install/change something on the machine. These links points to because the site is very small, useful, always on, and does not contain the ".com" extension of DOS-Files that are filtered by some proxies. If you do have webspace with cgi ability you can download the CGIProxy from James Marshall and install it on that webspace (there is a easy installer which does everything for you: Or you can install it on your PC at home and access it at work. How to do so you can read here: To find new working proxies search for "nph-proxy.cgi", "", "Start Using CGIProxy", "Start browsing through this CGI-based proxy", "WARNING: Entering non-anonymous area" or something like that with Google, Alltheweb, Wisenut or another search engine.

  • 4.5.1 Standard Webproxies (mostly CGIProxies:

  • (CGIProxy 2.0.1) (Poxy 0.3, no form) (Restricted access, proxy version unknown) (CGIProxy 2.0.1) (Restricted access, proxy version unknown, without form) (CGIProxy, only Google) (Ads, CGIProxy version unknown) (Ads, CGIProxy version unknown) (CGIProxy 2.0.1) (CGIProxy 2.0.1, no images) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 1.5.1) (Ads, without form, proxy version unknown) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1, no images) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1, no images) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy Big Ads) (CGIProxy 2.0.1) (CGIProxy 2.0.1, no form) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.1beta7) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1, Ads) (CGIProxy, no images) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (unknown Proxy, Ads) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1, Ads, no images) (Many ads, sites look wired, proxy version unknown) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (CGIProxy 2.0.1)

    new: (Poxy 0.4) (Poxy 0.4, no images) (Poxy 0.4) (Poxy 0.4) (Proxify, Ads) (Proxify, Ads) (CGIProxy, custom form) (CGIProxy 2.0.1) (CGIProxy 2.0.1) (Poxy 0.4) (CGIProxy 2.1beta9) (CGIProxy 2.0.1) (Poxy 0.4) (CGIProxy 2.0.1, custom form) (CGIProxy) (Poxy 0.4, with form) (CGIProxy 2.1beta9) (Poxy 0.4) (CGIProxy version unknown) (Poxy 0.4 ) (Poxy 0.4) (Poxy 0.4, with form) (CGIProxy 2.1beta10) (Poxy 0.4) (Poxy 0.4) (CGIProxy 2.0.1) (CGIProxy 2.1beta9) (Poxy 0.4) (Poxy 0.4) (CGIProxy 2.0.1, no form) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy .4) (Poxy .4) (Poxy .4) (Poxy .4) (Poxy .4) (Poxy .4) (Poxy 0.4) (CGIProxy 2.0.1, no form, ads) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (CGIProxy 2.1beta9) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4, with form) (Poxy 0.4) (Poxy 0.4, with form) (CGIProxy 2.1beta9) (Poxy 0.4, custom form) (Poxy 0.4) (CGIProxy 2.0.1) (Poxy 0.4, with form) (Poxy 0.4) (PHProxy 1.30) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4, no images) (CGIProxy 2.0.1) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (CGIProxy 2.0.1) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (CGIProxy 2.1beta10) (Poxy 0.4) (Poxy 0.4, no images) (CGIProxy 2.0.1, big ads) (Poxy 0.4) (PHProxy 1.30) (Poxy 0.4) (Poxy 0.4, without images) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4) (Poxy 0.4)

    SSL: (CGIProxy 2.1beta10)

    lists: - - - - -

  • 4.5.2 Webproxies with encrypted URL's

  • (Poxy 0.3)
    (Poxy 0.3, Ads) (Poxy 0.3, without images)
    (CGIProxy version unknown) (CGIProxy 2.0.1, Ads) (Poxy 0.4, no form) (Poxy 0.3, Ads) (Poxy) (Poxy 0.3) (Poxy 0.4, no form) (Poxy 0.3, without images) (Poxy 0.3, no images, Ads) (CGIProxy 2.0.1) (Poxy 0.3) (Poxy 0.4) (Poxy 0.4, no form) (Poxy 0.3, no images) (CGIProxy 2.0.1) (Poxy 0.3, Ads) (Poxy 0.4, no form) (Poxy 0.3, without images) (Poxy 0.4, Ads, no images) (Poxy 0.3, without images) (CGIProxy 2.0.1) (Poxy 0.3) (Poxy 0.3) (Poxy 0.3) (Poxy 0.4, no form) (Poxy 0.3) (Poxy 0.3) (Poxy 0.4, no images, no form) (Poxy 0.4, no form) (Poxy 0.3) (Poxy 0.4, no form) (Poxy 0.3) (Poxy 0.3) (Poxy 0.4, no form) (Poxy 0.4, no form) (CGIProxy version unknown, without form) (Poxy 0.3) (Poxy 0.3) (CGIProxy 2.0.1) (CGIProxy 2.0.1, ads) (Poxy 0.3) (Poxy 0.3) (CGIProxy 2.0.1) (Proxy version unknown, no form) (CGIProxy 2.0.1) (Poxy 0.4, no form) (Poxy 0.4, no form) - A german searchengine with anonymizer

  • 4.5.3 Webproxies on a secure SSL-connection

  • (Without form, CGIProxy 2.0.1) (Ads, CGIProxy version unknown) (Ads, special form, Proxy version unknown) (Proxy version unknown) (Proxy version unknown) (Proxy version unknown) (Without form, CGIProxy 2.0.1) (Without form, CGIProxy 2.0.1) (Without form, CGIProxy 2.0.1) (Proxy version unknown) (Proxy version unknown) (Proxy version unknown) (Proxy version unknown) (Without form, CGIProxy 2.0.1) (Without form, CGIProxy 2.0.1) (Without form, CGIProxy 2.0.1) (Proxy version unknown) (Proxy version unknown) (Proxy version unknown) (Proxy version unknown) (Without form, CGIProxy 2.0.1)

    Webproxies from AAEX (Ads): - - - -
    Chinese webproxies: -

  • 4.5.4 Standard CECID proxies ( (v0.7) (v1.0.1, with form, images enabled) (v1.0.1, with form, images enabled) (v1.0.1, with form, images enabled) (v1.0.1, with form, images enabled) (v1.0.1, with form, images enabled) (v1.0.1, with form, images enabled) (v1.0.1, with form, images enabled)
  • 4.5.5 CECID proxies on a secure SSL-connection (v0.7b) (v0.7b, without images)

  • 4.5.5 Translators, warpers, e.t.c that can be used as a proxy

  • (Ads, proxy version unknown) (Browser Emulator) (Websitechecker) (Websitechecker) (Footnote?) (kind of a footnote)* (Warper) (modified CGIProxy for iMode mobile phones) (Translator) (Translator) (Translator) (Translator) (Translator) (Translator) (Translator) (Translator) (Translator) (Translator) (Fun Translator) (Fun Translator) (Fun-Translator) (Fun Translator) (Fun Translator) (Web Access Gateway) (Web Access Gateway) (Web Access Gateway) (Web Access Gateway) .de/ .fr/ (the Google Cache)*/ (Archive of the Internet since 1996)*/ (a mirror of (get files) (a Google fun mirror mirror) (another Google fun mirror) (a fun mirror mirror *gg*) (a Google mirror) (a Google mirror) (a German Google mirror) (a Google mirror) (a official Googe "mirror") (a mirror for the Google mirror...) (Google, again) (another Google and Alltheweb mirror) (see as a search engine) (a gateway/browser emulator) (very simple proxy)

  • 4.6 Get webpages via eMail

  • Several years ago when the Internet connections where slow and the "www" was just invented, many people just got a to email restricted access to the Internet. That's the origin of the "Agora" and "www4email" software. Some of these email robots are still available and we can use them to bypass Internet censorship. The best thing would be to subscribe to a free email provider which allows SSL-connections (like,,,,, e.t.c) and use that account with the email addresses below. I put the field where you have to input the URL in brackets. It still works great for text. But will be some big problems with images or even DHTML, JavaScript, Java, Flash e.t.c. Also other services besides www are possible, for a very good tutorial on this see There is also a web based service under I again used as an example because the URL is allways accessible and the '.com' in the original Google address is often considered as a .com DOS-file by some computers and censorship systems. The www4mail software ( is newer than the Agora software.
    A eMail with just "help" in the subject line will get you a tutorial on how to use the service properly.
    [BODY] send
    [SUBJECT] url:
    [BODY] get
    [BODY] mail
    [BODY] url
    [BODY] url:

    Google Search via eMail:
    [Subject] search keywords

    More info:


  • 4.7 Using steganography

  • Hide content inside of images.

    More Info:

  • 4.7.1 Camera/Shy

    Camera/Shy is the only steganographic tool that automatically scans for and delivers decrypted content straight from the Web. It is a stand-alone, Internet Explorer-based browser that leaves no trace on the user's system and has enhanced security.

    Camera/Shy is an application that enables stealth communications, such software can be useful in countries where Email communications are regularly monitored and censored, such as happens in China.

    More info:


  • 4.8 Using a special proxy like p2p program

  • There are different projects of peer-2-peer programs to bypass censorship. They work like Napster, Kazaa and eDonkey, which means that you have to download a little tool that contains a server and a client part.

  • 4.8.1 Peek a Booty

    The goal of the Peekabooty Project is to create a product that can bypass the nationwide censorship of the World Wide Web practiced by many countries.

    Peekabooty uses a complicated communications system to allow users to share information while revealing little about their identity. When a node receives a request for a web page it randomly decides whether to pass this on or access the page itself. It also only knows the address of its nearest partner. This makes it difficult to determine who requested what information and is designed to protect users from anyone trying to infiltrate the system from inside.

  • More info:

  • 4.8.2 Freenet

  • Freenet is the oldest and most widely spread P2P-program to beat censorship, so a lot of people use it and it has actually worked well for several years. There is no access to the Internet possible through the Freenet client. You can only view/download stuff from the 'free net'. You install the client as a local proxy which is listening on port 8888 and can access links like 'http://localhost:8888/SSK@fjfkHAbxdwMyTMFgtZjcP2ge-AYPAgM/sites/fwhh/index.html' It looks like a kind of normal URL. The 'localhost:8888' addresses the proxy server on port 8888 that is running on your local machine. The rest of the URL is something like an encrypted file name. It is not possible to determine who put some information into the network or who is downloading it.

    More info:

  • 4.8.3 MojoNation

  • More info:

  • 4.8.4 TriangleBoy

    Safeweb, a company that received funding from In-Q-Tel, the CIS's centure fund, released software called "Triangle Boy". The software is a peer-to-peer application that volunteers download onto their PC's. A User that has been denied access to any website by a censor can use the Triangle Boy software to circumvent the censorship. Currently the Triangle Boy software only provides access to the Voice of America, because this service is blocked by the Chinese government.

  • More info:

  • 4.8.5 Six/Four

  • More info:

  • 4.8.6 Entropy

  • More info:

  • 4.9 Special Services

  • Other services than the www.

  • 4.9.1 Usenet

  • The normal port for newsservers 119 is usually blocked, so you have to access the Usenet via a different port. If you sometimes only want to read some very common newsgroups you can easily visit them via free web-based newsservers like,, and A lot of newsserver companies offer their services on a non standard port. Just ask them before signup. If you need access to a newsserver with your newsclient you have to subscribe to one of these newsserver-companies which allow access to their newsservers on an uncommon port: ( on ports 23 and 80) - ( on ports 23, 25 and 7501) - ( on 22, 23, 53, 80, 110 and 443, or try their web-based service at port 81) - ( on ports 20, 21, 22, 23, 25, 53, 80, 81, 110, 443 and 8080) - ( on ports 23, 25, 80, 7000, 8000 and 9000. and on ports 443 and 8080. SSL connections at and on ports 563, 80 and 81) - ( on any port you like) - ( on any port you like) - ( and at port 80 and 120

    Note: Unless SSL is used, all traffic is unencrypted, so you can access these newsservers, but the censors can easily monitor all your traffic! It would be more secure to use a SSH port forwarding.

    More info:

  • 4.9.2 Games


  • 4.9.3 FTP

    More info:

  • 4.9.4 Instant Messenger

    Instant Messengers are very popular. You have to register your nickname at one of the companies and download their software. Then when you are on the Internet you can start the software and log onto their servers. You are then marked as "online" and all your friends who know your nickname and have the same Instant Messenger client can see that you are online and easily chat with you. Everyone of the 4 big IM players has its own software client which contain advertisement, spyware and none is compatible with the other IM protocols. I recommend you to download Miranda, which is a open source Instant Messenger which is very small, without ads or spyware and working without installation. It works great with every IM protocol, even at the same time.

    More info:

  • ICQ

    Users: 7 million
    Login server: or
    Used ports: tcp at any port you choose in the settings (default is 5190)
    Used protocol: Oscar
    Supports proxy: http, https, socks 4 and socks 5
    Online version: (connects to at any port you choose, default is 80) or (The Odigo client online, supports all 4 services)

    More info:

  • MSN Messenger

    Users: 23 million
    Login server:
    Used ports: tcp at 1863 which you can not change, but if connection failes, MSN tries port 80. (voice/video/webcam is tcp 13324 and 13325, application sharing/whiteboard is tcp 1503 and file transfer tcp 6891)
    Used protocol: .NET Messenger Service
    Supports proxy: http, socks 4 and socks 5
    Online version: none official, but several unofficial. Be careful to give them your password! (The Odigo client online, supports all 4 services), (Lycos Messenger, works also with Yahoo) and maybe you can try (i-mode, after 3 days it costs $) or (he's still working on it).

    More info:

  • AIM

    Users: 60 million
    Login server:, and
    Used ports: tcp at any port you choose in the settings (default is 5190), for the IM images the software uses port 4443 (?)
    Used protocol: Oscar
    Supports proxy: http, https, socks 4 and socks 5
    Online Version: (The old QuickBuddy, port 80) and (the newer AIM Express, port 80) or (The Odigo client online, supports all 4 services)

    More info:

  • Yahoo Messenger

    Users: 20 million
    Login server: or (maybe different)
    Used ports: tcp 5050 and 80 for file transfer, which can be changed in the settings
    Used protocol:
    Supports proxy: http, socks 4 and socks 5
    Online Version: (The official Web Messenger) or (Lycos Messenger, which also supports MSN) or (The Odigo client online, supports all 4 services)

    More info:!_Messenger

  • 4.9.5 Filesharing (Peer-to-Peer) Programs

    Gnutella (decentralized) - BearShare, Gnucleus, LimeWire, new Morpheus, Shareaza - More info:

    FastTrack (commercial, with Server) - KaZaA, KaZaA Lite, Grokster, old Morpheus, iMesh - More info:

    eDonkey (lots of servers, uses mainly port 4662) - eDonkey2000, Overnet, eMule, mlDonkey - More info:

    Napster (lots of servers) - OpenNap, Napigator, FileNavigatior, WinMX - More info:

    Other networks - Audiogalaxy, BitTorrent, Hotwire, Direct Connect, Evernet, SoulSeek

    More info:

  • back to top

    5. How to publish information

    It is one think is to access information that is already censored, but another challenge is to publish one's own information that can't easily be censored. Here you can see my ideas on how to avoid censorship:

    More info:,1282,5778,00.html

    back to top

    6. Appendix

  • 6.1 Links


  • 6.1.1 Other bypass tutorials


  • 6.1.2 Other sites about Internet censorship

    Mailinglist: - (Discussions about censorship in Australia, English)
    Mailinglist: - (How to beat censorship and proxies. Very good!)

  • 6.1.3 Where to get proxies
  • (updated weekly, uncommon port proxies)
    Via autoresponder from (Very good!) (Very good!)

    back to top

    TO-DO-LIST (I could use some help on this...):



    Bildung von Untergrund-(Inter)Netzen in Deutschland (GAMEnet etc.) WLAN
    dIRC (ChaosComputerCongress 1997) und Abwandlungen

    ssh as a redirection server
    rinetd as a redirection server
    stone as both a redirector and a proxy
    running a Perl proxy

    often used non standard ports: 20, 21, 22, 23, 24, 25, 81, 82, 83, 84, 443, 1979, 1128, 2000, 5000, 6000,
    6588, , 7070, 7531, 7532, 7533, 8000, 8001, 8002, 8003, 8040, 8081, 8082, 8084, 8090, 8888, 8965, 9080, 9081, 10001, 10080, 22788, 39999 answering machine ++49-(0)1212-552489659 free email with smtp server and -

    url hiding with ascii, hex, oktal e.t.c codes.

    Webproxies by the IBB (Voice of America and Radio Farda)
    For people in Iran (please read - - - - - - -
    For people in China:

    MSN - afterwards port 80 (,, -
    Yahoo! - or (,,, port 80

    ftp server that show the user IP in the welcome message (test for anonymity):,,,,,,

    mail: - - -
    gmail: -

    servers that listen on any port (test it with telnet PORT ):,,

    final dot after domains like described in: [complete Webbrowser in 1,2MB]

    Other mirror server maintained by me: (Infoseek - Tokyo, Japan)

    Ferienhaus Nordsee Ostfriesland
    This link is for bad machines only, uninteresting for humans: You are not supposed to click here