• Welcome to Valhalla Legends Archive.
 

Spread program on all workstations in Windows network

Started by Banana fanna fo fanna, January 24, 2006, 09:59 PM

Previous topic - Next topic

CrAz3D

Quote from: Meh on January 30, 2006, 05:30 PM
IF your talking about me Joe, we have IE.
He's probably talking to quasi-modo since quasi mentioned the Firefox thing
rebundance - having or being in excess of sheer stupidity
(ré-bun-dance)
Quote from: Spht on June 22, 2004, 07:32 PMSlap.
Quote from: Adron on January 28, 2005, 09:17 AMIn a way, I believe that religion is inherently evil, which includes Christianity. I'd also say Christianity is eviller than Buddhism (has more potential for evil).
Quote from: iago on April 19, 2005, 01:06 PM
CrAz3D's ... is too big vertically, at least, too big with ... iago ...

Skywing


iago

Quote from: Meh on January 29, 2006, 06:00 PM
What I meant was each computer has a basic logon such as NPC0023, where as an individuals username looks like MAS040633. NPC0023 doesnt require a password and is linked to that PC noone else. They cant trace what person is using the computer if logged on under NPC0023.

That's a stupid way of doing things, but oh well :)

Don't forget that they can (and probably do) read your conversations without your knowledge.  Just don't talk about private or illegal stuff, and you'll probably be ok. 

Quote from: Skywing on January 30, 2006, 05:47 PM
Quote from: Lord[nK] on January 30, 2006, 04:58 PM
I'd imagine most schools use transparent proxies.

This is my experience as well.
The other alternative is to block all ports that go from the inner network to the outside world, except for on the proxy server.  Then the only way to get out is going through the proxy.  That has the bonus of killing most other networked programs (bots, brute-forcers, IM, etc) at the same time. 

In my experience (which, admittedly, is limited), transparent proxies, for some reason, break easily and don't handle traffic as well as they should.  It's possible that there are ones that work fine, but I have not seen them. 
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


111787

Last year I managed to gain the Administrator password, access the local grade server, and disable all the site blocking software at my school in about 5 mins.  Then some freshman realized the site block was off and went to a porn site, and well they literally pulled the plug.  It was kinda easy since the Admin login was Technology and so was the password for everything.

MrRaza

The admin at my old highschool left his teacher's account logged on my workstation for some reason. I changed my mark for the course and adjusted others that are contained on one of the teachers shares where all the marks are stored. Then I found a text file with every students lastname, firstname, number, parents business number, sex, etc, it looked like a text file that was used with one of Active Directory's commnad-line tools, CSVDE, to import a file with a large amount of users into the domain controllers database. Then simply used Novell's built-in messenger service to message every computer in the school that was powered on about a 100 times over. All this in less than two minutes, with no security camera's in the room. So no one suspected me.

iago

Quote from: MrRaza on January 30, 2006, 09:13 PM
The admin at my old highschool left his teacher's account logged on my workstation for some reason. I changed my mark for the course and adjusted others that are contained on one of the teachers shares where all the marks are stored. Then I found a text file with every students lastname, firstname, number, parents business number, sex, etc, it looked like a text file that was used with one of Active Directory's commnad-line tools, CSVDE, to import a file with a large amount of users into the domain controllers database. Then simply used Novell's built-in messenger service to message every computer in the school that was powered on about a 100 times over. All this in less than two minutes, with no security camera's in the room. So no one suspected me.

If somebody had walked in on you, or had been monitoring the system  (who knows how, there are tons of ways) and saw you change the mark, you'd probably be expelled and, at least where I live, you'd very likely serve jail time.  So basically, you'd be throwing your life/future away to have some fun with a computer.  Is that really worth it?
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


Meh

Quote from: 111787 on January 30, 2006, 08:16 PM
Last year I managed to gain the Administrator password, access the local grade server, and disable all the site blocking software at my school in about 5 mins.  Then some freshman realized the site block was off and went to a porn site, and well they literally pulled the plug.  It was kinda easy since the Admin login was Technology and so was the password for everything.
They dont block google. Go to images, select Do not Filter My Results. Then type n porn or something. It wont get blocked.

Eric

Quote from: Meh on January 31, 2006, 04:49 AM
Quote from: 111787 on January 30, 2006, 08:16 PM
Last year I managed to gain the Administrator password, access the local grade server, and disable all the site blocking software at my school in about 5 mins.  Then some freshman realized the site block was off and went to a porn site, and well they literally pulled the plug.  It was kinda easy since the Admin login was Technology and so was the password for everything.
They dont block google. Go to images, select Do not Filter My Results. Then type n porn or something. It wont get blocked.

Content filtering does just that and does not require Google being blocked.  Having uncensored internet access in schools is a significant liability so it's taken very seriously.

Joe[x86]

But it's done through a proxy, which is disabled with the snap of a finger, unless they have some decent netadmins who disabled your right to change IE settings.
Quote from: brew on April 25, 2007, 07:33 PM
that made me feel like a total idiot. this entire thing was useless.

dxoigmn

Quote from: Joe on January 31, 2006, 07:15 AM
But it's done through a proxy, which is disabled with the snap of a finger, unless they have some decent netadmins who disabled your right to change IE settings.

A transparent proxy, not some IE proxy setting.

MyndFyre

Quote from: Joe on January 31, 2006, 07:15 AM
But it's done through a proxy, which is disabled with the snap of a finger, unless they have some decent netadmins who disabled your right to change IE settings.

It doesn't even need to be a transparent proxy.  I can't get ANY public internet at work without the explicit proxy settings enabled.
QuoteEvery generation of humans believed it had all the answers it needed, except for a few mysteries they assumed would be solved at any moment. And they all believed their ancestors were simplistic and deluded. What are the odds that you are the first generation of humans who will understand reality?

After 3 years, it's on the horizon.  The new JinxBot, and BN#, the managed Battle.net Client library.

Quote from: chyea on January 16, 2009, 05:05 PM
You've just located global warming.

Joe[x86]

@dxoigmn: There's a difference? Call me stupid if you want, but honestly, I thought 'transparent' was describing anonomity (however you spell it).
Quote from: brew on April 25, 2007, 07:33 PM
that made me feel like a total idiot. this entire thing was useless.

dxoigmn

Quote from: Joe on January 31, 2006, 03:56 PM
@dxoigmn: There's a difference? Call me stupid if you want, but honestly, I thought 'transparent' was describing anonomity (however you spell it).

A transparent proxy is a proxy that is invisible to the user. That is, all traffic is routed through the proxy transparently (without the client's knowledge), which allows all traffic to be filtered or shaped without the user being able to do anything about it. It's their network, they can do whatever hell they want.

MrRaza

Quote from: iago on January 30, 2006, 10:19 PM
Quote from: MrRaza on January 30, 2006, 09:13 PM
The admin at my old highschool left his teacher's account logged on my workstation for some reason. I changed my mark for the course and adjusted others that are contained on one of the teachers shares where all the marks are stored. Then I found a text file with every students lastname, firstname, number, parents business number, sex, etc, it looked like a text file that was used with one of Active Directory's commnad-line tools, CSVDE, to import a file with a large amount of users into the domain controllers database. Then simply used Novell's built-in messenger service to message every computer in the school that was powered on about a 100 times over. All this in less than two minutes, with no security camera's in the room. So no one suspected me.

If somebody had walked in on you, or had been monitoring the system  (who knows how, there are tons of ways) and saw you change the mark, you'd probably be expelled and, at least where I live, you'd very likely serve jail time.  So basically, you'd be throwing your life/future away to have some fun with a computer.  Is that really worth it?


Well, if someone did walk in on me, it is hard to tell the difference between teacher accounts and student accounts desktop wise. And of course the consequences of getting caught are there, that's what makes it interesting. The thing is, I didn't get caught, the network admins probably wouldn't monitor a teachers account that is the head of the Cisco learning department at the school, instead I think they'd be monitoring the how many of hundreds other students that might have been logged on at that time. I don't suggest hacking or anything of that sort, I would barely called this hacking :P. But I do agree with you, it is really risky to throw away your education and career. I have a friend that got caught doing something similar to this, and pleaded guilty to some sort of hacking charge given to him by the RMCP and the school.

|