{"id":1434,"date":"2013-02-26T06:21:16","date_gmt":"2013-02-26T14:21:16","guid":{"rendered":"http:\/\/gregbaker.ca\/blog\/?p=1434"},"modified":"2013-02-26T06:21:16","modified_gmt":"2013-02-26T14:21:16","slug":"zju-internet","status":"publish","type":"post","link":"http:\/\/gregbaker.ca\/blog\/2013\/02\/26\/zju-internet\/","title":{"rendered":"ZJU Internet"},"content":{"rendered":"

After more than a week, I have Internet in my apartment. Until now, I was subsisting on my phone’s data plan.<\/p>\n

Here is how I seem to have to connect to the Internet in ZJU residences (and I think elsewhere on campus):<\/p>\n

    \n
  1. My netbook doesn’t have a built-in Ethernet port, but came with a USB ethernet dongle. Plug it in.<\/li>\n
  2. Plug an ethernet cable into the wall jack (not the one on the side of the room close to my computer, the other one).<\/li>\n
  3. Manually set an IP address that was given to me by someone in a residence office and is linked to my hardware (MAC) address. It took a week to get this, because everyone was on vacation. It took overnight to activate it once it was assigned to me.\n

    At this point, I can access an utterly nonsensical collection of sites that are perhaps whilelisted somehow. These include SFU’s web server, google.com.hk, and this site, but not SFU Connect or Renren. These connections seem to be HTTP only, so probably no easy way to tunnel through.<\/p>\n<\/li>\n

  4. Connect to a campus VPN server over IPSEC.<\/li>\n
  5. Log in to the IPSEC layer with a campus VPN username\/password. I don’t have one of these, and nobody seems to know how to get me one. Luckily, someone was kind enough to lend me theirs.<\/li>\n
  6. The VPN server with tunnels over L2TP. This provides Internet access that is as complete as one might reasonably hope in the current locale.<\/li>\n<\/ol>\n

    Even given the national demand to keep track of who accesses what, there is at least one layer too many in there. There’s some crazy design-by-committee going on to think of all that. Can anyone spot the weak point?<\/p>\n

    Those last three steps are supported in Windows only, and early attempts to get the VPN working in Linux have failed. There is also a campus proxy server that can be accessed without the VPN, but it seems to use some entirely different account and I can’t log into it.<\/p>\n

    Thus my proposed further steps may be:<\/p>\n

      \n
    1. Open a virtual machine running Linux in Windows. Let the VM’s network magic bridge the Windows network into the VM.<\/li>\n
    2. Probably use sshuttle<\/a> or similar to secure the whole stack back to a host I trust. There are too many moving parts and possible points of privacy loss in there.<\/li>\n
    3. Internet.<\/li>\n<\/ol>\n

      So that’s about 8 steps between my computer and some Internet. Any bets on the fraction of the time all of those actually work?<\/p>\n","protected":false},"excerpt":{"rendered":"

      After more than a week, I have Internet in my apartment. Until now, I was subsisting on my phone’s data plan. Here is how I seem to have to connect to the Internet in ZJU residences (and I think elsewhere on campus): My netbook doesn’t have a built-in Ethernet port, but came with a USB […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[19,10],"tags":[],"class_list":["post-1434","post","type-post","status-publish","format-standard","hentry","category-china","category-tech"],"_links":{"self":[{"href":"http:\/\/gregbaker.ca\/blog\/wp-json\/wp\/v2\/posts\/1434","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/gregbaker.ca\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/gregbaker.ca\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/gregbaker.ca\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/gregbaker.ca\/blog\/wp-json\/wp\/v2\/comments?post=1434"}],"version-history":[{"count":6,"href":"http:\/\/gregbaker.ca\/blog\/wp-json\/wp\/v2\/posts\/1434\/revisions"}],"predecessor-version":[{"id":1440,"href":"http:\/\/gregbaker.ca\/blog\/wp-json\/wp\/v2\/posts\/1434\/revisions\/1440"}],"wp:attachment":[{"href":"http:\/\/gregbaker.ca\/blog\/wp-json\/wp\/v2\/media?parent=1434"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/gregbaker.ca\/blog\/wp-json\/wp\/v2\/categories?post=1434"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/gregbaker.ca\/blog\/wp-json\/wp\/v2\/tags?post=1434"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}