Streaming MP3s from home PC to work PC (which has WebSense filter)
May 8, 2007 10:26 PM   Subscribe

How can I stream MP3s from my home computer to my work computer THROUGH an evil Websense filter?

I have read about Orb, Hamachi, Slingbox, etc. and they all sound very exciting. But my workplace (a school system) has a Websense filter that would inspire George Orwell.

I imagine that any of these services will be blocked as "Streaming Media" "Proxy Avoidance" or "Music Download Service."

Is there a way to stream my music collection directly from my home computer without going through a third-party website like Orb?

Any other choices for streaming through Websense?
posted by Alabaster to Computers & Internet (16 answers total) 4 users marked this as a favorite
You need an SSH Tunnel.
posted by phrontist at 10:37 PM on May 8, 2007

Depending on how sophisticated websense is (I have no experience with it) you may need further encode your SSH traffic has HTTP requests to make it through. This claims to do it.
posted by phrontist at 10:39 PM on May 8, 2007

As far as getting around the filter, it's probbaly sufficient to serve the music over port 80 to get around it.

But. You'll still be using a goodly amount of your bandwidth and the school's bandwidth to do this, which is part of the reason for the filtering. You'll also likely be violating your ISP's AUP, and doing it consistently will cause your ISP to notice.

Get an iPod, it's simpler and you can listen during your commute too.
posted by orthogonality at 10:41 PM on May 8, 2007

Oh, and before bothering with corkscrew, try running SSH on port 443.

If you really want to go totally crazy, you can send your traffic as ICMP pings. Pings are almost never blocked (a lot of for-pay WiFi hubs allow them). See here.
posted by phrontist at 10:42 PM on May 8, 2007


If you think ICMP passes, you should see DNS.
posted by effugas at 11:26 PM on May 8, 2007

seconding orthogonality. why not just get an ipod (or other mp3 player) and avoid this mess? seems like you're asking for a complex solution when there's a really simple one.
posted by special-k at 11:36 PM on May 8, 2007

Just on the off chance that they're only tracking port 80, try running the free Slimserver software on another port; the default is 9000, but you can put it anywhere.

Slimserver does many things, one of which is to serve as a very nice remote streaming server. You can tell it how much bandwidth you have, and it uses LAME to compress (or recompress) your music down to suit your pipe size. It does this without damaging or changing the original at all, so you can get nice high quality MP3 at home and crappy 128k (or less) MP3 at work.

If Websense is smart enough to find it on other ports besides 80 and 443, then an SSH tunnel is the next step. You run an SSH daemon on a machine at home, and connect to it (on port 22) from work. You set your work SSH to open a local port and redirect it to a remote port on the machine to which you're connecting. Once the tunnel is running, you point your music player at, say, localhost:9000. SSH invisibly forwards that connection to your home machine. Your player thinks it's talking to a local server; your home server thinks it's talking to a local client. Neither knows that SSH is forwarding the packets over the Internet. The connection is encrypted and carried on the port 22 traffic, so Websense can't see or analyze the traffic.

Basically, you have to find a single port you can connect to your home machine on; once you have that single port, you can do anything you like.

As phrontist suggests, if Websense is blocking other ports, try 443. That's the SSL (encrypted HTTP) port, and will give you the best chance of being able to get a successful SSH connection out through Websense.

Open proxies are another way of getting around Websense, but you really don't want to use an open proxy for streaming music. That's a high-bandwidth application, and will cause the proxy serious pain.

A final thought: they are probably restricting streaming music for a reason. You would be far friendlier to the network if you just burned your MP3s onto a CD or DVD and listened to them that way. If you keep them in MP3 format and use a software player, you can fit 50+ hours of music on one DVD.
posted by Malor at 11:38 PM on May 8, 2007

One more thought: SSH tunneling only works well on a high quality connection. If you are getting any significant packet loss (very very common at schools, the primary Websense customer), usually an SSH tunnel will be much too slow and choppy to stream music with. It's basically wrapping one TCP stream in another, and when they both start detecting errors and both start resending packets, your connection will grind to a halt very quickly. I can't explain it any more clearly than that without being tremendously confusing.

Basically: even if you do get the SSH tunnel running, there's a good chance you won't be able to stream music. It'll kinda work, but it'll be choppy and annoying.
posted by Malor at 11:42 PM on May 8, 2007

Questions about circumventing work network restrictions get asked regularly on here, and the answer is always simple: don't bother if you want to keep your job.

Yeah, you could probably get some form of tunnelling to work, but chances are you'd soon be vying for the top of the bandwidth charts with whoever's next in line to be sacked for watching porn, so it'll be noticeable if there's any kind of monitoring going on.
posted by malevolent at 11:53 PM on May 8, 2007

Your home connection's upload speed will likely make this pretty choppy, aside from all the technical issues. I tried this for a while, using the GoToMyPC software (less restrictions at my workplace), but it quickly became clear that it was not worth the effort.
posted by Joh at 11:57 PM on May 8, 2007

as a network security guy who works specifically with websense, i have to agree with malevolent's post.

just invest 80 bucks or whatever on an ipod shuffle. either that or you could always stream music the old fashioned way - buy a radio.
posted by kneelconqueso at 8:37 AM on May 9, 2007

I use Apache::MP3. Allows you to resample on the fly to 96/128kbps. Handles like a dream...
posted by Arthur Dent at 10:27 AM on May 9, 2007

i've a large collection at home transcoding mp3s and oggs on the fly to work. email me and i'll send you a link...see if it works in your environment. the application is called kplaylist email is in profile
posted by killyb at 11:02 AM on May 9, 2007

Let's not forget that your school IT dept will probably notice the increased bandwidth and come check it out. There isn't much chance of hiding the music from a skilled (or even semi-skilled) human with physical access to the machine. And I suspect you'll be in violation of policy.

Get an iPod.
posted by davereed at 12:26 PM on May 9, 2007

If you use SSH you'll also be quickly flagged as the top user of an encrypted protocol.
posted by zeoslap at 1:38 PM on May 9, 2007

I use the free Barracuda HTTPS Tunnel to get around a network filter. It can tunnel any traffic even through a required proxy, and was easier to set up than other options I've seen (though still not trivial).
posted by teki at 1:57 PM on May 9, 2007

« Older "Fruits Basket" manga spoilers, please?   |   Programming Language with Variable Rules? Newer »
This thread is closed to new comments.