Technical Description
Firedrill is a system designed for tunneling TCP socket communications out through restrictive firewalls. For example; consider the scenario shown below in Figure 1.
 |
Here we have an SSH client application on a PC successfully communicating with a remote SSH server across the Internet. Consider however what might happen if we introduce a restrictive firewall at the clients site which only allows outgoing HTTP traffic. This scenario is depicted below in Figure 2.
 |
Now we can see that the SSH client is having its attempts to communicate with the SSH server blocked by the firewall. The firewall (possibly in combination with a HTTP proxy) is quite happy however to allow HTTP traffic out from the client.
The Firedrill software then takes advantage of the firewall allowing outgoing HTTP traffic by creating an HTTP tunnel out to an external Firedrill server over which all normal TCP traffic may be carried. The Firedrill server can then unwrap the original client TCP data and forward it on to the ultimate destination.
This complete HTTP tunnel scenario is shown in Figure 3, using the same SSH example as in the previous discussions.
 |
The technical term for the Firedrill system is a HTTP tunneling proxy. It actually consists of two components; a client installed on a local PC, and a server which can be located anywhere on the Internet.
The client half of the system acts as a SOCKS proxy to any application running on the users local PC that wishes to access the Internet. It reads data from that application, wraps that data in HTTP, and tunnels it out to a corresponding Firedrill server.
The server takes the HTTP data, unwraps the original data, and forwards it on to the final destination. Any response from the destination is also read, wrapped in HTTP and returned to the client which unwraps it and passes it back to the orginal application.
By wrapping communications from selected applications in HTTP Firedrill thus ensures that restrictive firewalls and web proxies allow those connections through when they might previously have been blocked. Also, anyone snooping on data routed via our Firedrill servers will only be able to see data coming from that servers IP address. Therefore the Firedrill user gains an additional layer of privacy and protection from IP address tracking.
Our Philosophy
Here at Firedrill we believe in the concept of fully open, free (as in freedom), and uncensored communications for all. Our services are designed to help realise this goal whether simply at home, work, or in countries under more oppressive political regimes.
Our software and servers help people all over the world to keep in touch via instant messenger and email, to protect their anonymity while surfing the web or using peer-to-peer networks, and re-enabling choice where restrictive firewalls or proxies had previously put up artificial road-blocks.
Corporate Information
Firedrill is owned and operated by The Linux Academy Ltd in the UK. For support issues please email support@fire-drill.com, while general enquiries should be directed to enquiries@fire-drill.com.