Extropx

Circumventing School Security: Your Take

30 posts in this topic

Situation:

Each student is given a login name, usually the first three letters of your first name and the last four of your last name as:

Robert Smith = smitrob

The password is a simple 4-digit numerical code.

Computers are restricted via DNS/Active Directory and the things an admin can do within the Windows Server 2003 environment.

Restrictions:

No cmd prompt.

No right-click on just about everything.

All system tools are diabled.

C:\ directory access disabled.

Mapping drives is disabled.

Executing any .exe/.bat files other than those of certain whitelisted programs is restricted.

IE7 is using a manual Proxy to point to an internet filter server running DansGuardian [blacklist: MySpace.com, FaceBook.com, most proxy sites, most hacking/cracking/phreaking sites, all E-mail sites, etc.)

I have used various tools to get around these restrictions, but I want to get a take of what people on these forums feel about hacking these restrictions since I have had mixed views on every forum that I have been on. Some say that by using the network, you accept the stipulations of that network, but others say that circumventing without the intent of harm of the system only contributes to your personal knowledge and is an okay thing to do. I am an utter novice on phreaking, but I have found the number to use the school's PA system, which I suppose could be considered phreaking.

What do you think?

Current technique: Using a modified boot-floppy to grab system32/config files and crack them, gaining admin access. However, I have been caught doing this once already and am a little hesitant. Any ideas here?

0

Share this post


Link to post
Share on other sites
by using the network, you accept the stipulations of that network

This.

I'm all for building experience, furthering your personal knowledge, and learning about security. However, these are things you should do on your own networks and computers. If it's not your network, play by their rules.

0

Share this post


Link to post
Share on other sites

So I take it you hack only your own network to learn of its vounerabilities so that you may one day apply what you have learned to possibly a career as an IT or as an admin of some large corporate business so that your knowledge can aid you in keeping people and programs with malicious intent out of the network that you are responsible for? Perhaps simply as a hobby? Maybe the question I should be asking to everyone is..."why do YOU hack?"

See, I had this idea that hackers & phreakers are one more cog in the gears that are part of the engine that is fighting injustice in this world. Maybe I was all wrong, but I always thought that when people consider themselves "hackers" they are doing their work for the betterment of the world.

If ideas that come from a free, open media in a country are being censored [like the internet in this case], then I am against that notion of thinking and will hack the system to ensure that a particular freedom is granted. Perhaps this thinking is too idealistic, and I am already sure that there will not be sucess in this discussion if the people on these forums are not in this same mindset. I know they are out there, I am just trying to find them. People that hack for the same reason(s) as I feel I should.

0

Share this post


Link to post
Share on other sites

It's what I do. I enjoy it. I study the the techniques that are being used by attackers, keep up to date on current vulnerabilities, develop tools for penetration testing and investigation, write about it all, and help people and organizations out by testing and improving their security. You can read up on my site, linked from my signature, if you're interested in the things I do and why I do them.

I don't do it to fight injustice, or anything like that. Then again, neither do most of the people who claim they are doing it for the "betterment of the world" or "fighting injustice". If you want freedom on the internet, pay for your own connection, take responsibility for your own privacy, and do with it what you will. The best thing you can do at school is to do your schoolwork and make the best of the education you're being given. People, such as yourself, who want to hack their school are not the freedom fighters or idealists that they make themselves out to be. At best, you're just causing a lot of trouble for the likely under-funded IT department that has to manage your school system's networks.

0

Share this post


Link to post
Share on other sites
So I take it you hack only your own network to learn of its vounerabilities so that you may one day apply what you have learned to possibly a career as an IT or as an admin of some large corporate business so that your knowledge can aid you in keeping people and programs with malicious intent out of the network that you are responsible for? Perhaps simply as a hobby? Maybe the question I should be asking to everyone is..."why do YOU hack?"

See, I had this idea that hackers & phreakers are one more cog in the gears that are part of the engine that is fighting injustice in this world. Maybe I was all wrong, but I always thought that when people consider themselves "hackers" they are doing their work for the betterment of the world.

If ideas that come from a free, open media in a country are being censored [like the internet in this case], then I am against that notion of thinking and will hack the system to ensure that a particular freedom is granted. Perhaps this thinking is too idealistic, and I am already sure that there will not be sucess in this discussion if the people on these forums are not in this same mindset. I know they are out there, I am just trying to find them. People that hack for the same reason(s) as I feel I should.

I Hacked my schools network (I use to go to CHS) It was my senior year and I wanted to do a senior prank. I was going to change the words on the Mar-key that we have in front of my school(mar-key is a LED sing that has text go on it). While I was exploring my schools network I found even bigger security risk on the networks, not only for my school but the whole district. I gave the district a 1 page summary of every thing I did and what was wrong with there network.

2 days latter I was held up for expulsion at my school. Now would I go back in time and not do it. HELL NO. I would do it again in a heart beat. For someone to tell you you should not hack other networks. forget them. I do work as a Network Security Administrator. How did I get that job. I had personal experance in hacking and it was on record. For all of you that say DO NOT HACK. well FORGET YOU. You hack to learn not hack to hurt.

So Hack away my friend.

Later

biosphear

Here is about 1/5 or the whole document I Had to write so I would not get expulsion and not graduate.

iprism_Hack.pdf

Edited by biosphear
0

Share this post


Link to post
Share on other sites

Biosphear it's spelled marque, not mar-key. Also, vary != very. I'm sorry I couldn't sit back and watch you butcher the language anymore. Below are some dictionary entries for very and vary.

var·y /ˈvɛəri/ Pronunciation Key - Show Spelled Pronunciation[vair-ee] Pronunciation Key - Show IPA Pronunciation verb, var·ied, var·y·ing.

–verb (used with object)

1. to change or alter, as in form, appearance, character, or substance: to vary one's methods.

2. to cause to be different from something else: The orchestra varied last night's program with one new selection.

3. to avoid or relieve from uniformity or monotony; diversify: to vary one's diet.

4. Music. to alter (a melody or theme) by modification or embellishments without changing its identity.

–verb (used without object)

5. to show diversity; be different: The age at which children are ready to read varies.

6. to undergo change in appearance, form, substance, character, etc.: The landscape begins to vary as one drives south.

7. to change periodically or in succession; differ or alternate: Demand for certain products varies with the season.

8. to diverge; depart; deviate (usually fol. by from): to vary from the norm.

9. Mathematics. to be subject to change.

10. Biology. to exhibit variation.

ver·y /ˈvɛri/ Pronunciation Key - Show Spelled Pronunciation[ver-ee] Pronunciation Key - Show IPA Pronunciation adverb, adjective, (Obsolete) ver·i·er, ver·i·est.

–adverb

1. in a high degree; extremely; exceedingly: A giant is very tall.

2. (used as an intensive emphasizing superlatives or stressing identity or oppositeness): the very best thing; in the very same place as before.

–adjective

3. precise; particular: That is the very item we want.

4. mere: The very thought of it is distressing.

5. sheer; utter: He wept from the very joy of knowing he was safe.

6. actual: He was caught in the very act of stealing.

7. being such in the true or fullest sense of the term; extreme: the very heart of the matter.

8. true; genuine; worthy of being called such: the very God; a very fool.

9. rightful or legitimate.

As for the OP's topic, I have to agree with McGrewSecurity on this one. Learn on your own network. "Hacking" someone else's network is a good way to get arrested or sued. Or in Biosphear's case almost expelled from school. Is it really worth that? I think not.

0

Share this post


Link to post
Share on other sites

I'd have to agree with with mcgrew here.

Your idealism doesnt give you carte blanche to do what you want on other peoples property. I would hate to use a PC on that network and I would probably hack it at least to the point where I could get a proxy going, if I could do it without attracting attention. But can you imagine what that network would be like if they didnt have restrictions? I've seen what a couple of teenage girls can do to a PC , I wouldnt care to imagine what a couple hundred could do.

Logging on as admin is a very noticeable/traceable act. It denies you any plausible deniability. You dont want to do anything now thats going to screw you later. Whats the cost/benefit? If you get busted and get known as that hacker guy, then everytime something goes wrong , they will blame you, and may restrict access to computers as part of your punishment, that is , if you dont get expelled.

I Hacked my schools network (I use to go to CHS) It was my senior year

Well , looks like you got lucky, other people wont be. A felony record to most Human Resource drones is instant disqualification. Yeah , you may have skills, but can they trust you?

Back in the day one of the best hack/phreak sites was l0pht heavy industries. They got bought by @stake who got bought by symantec.

Here's their site back then> http://web.archive.org/web/19961109005607/http://l0pht.com/ damn I'm old.

Also back in the day was Phiber Optik aka http://en.wikipedia.org/wiki/Mark_Abene

He was turned down for employment by a company FOUNDED BY HACKERS BECAUSE OF HIS HACKING CONVICTION. Ironic , no?

So if this former member of Legion of Doom , who has more skills than everybody whos posted in this thread rolled together, is having trouble getting jobs because of hacking convictions , what makes you special?

Nobody ever got arrested for hacking their own network. And if you are going to do it , at least do it remotely NOT from you or your neighbors internet connection , go to a cofee shop in a nearby town , christ , youve got the admin password it should be fairly trivial , at least that way you have plausible deniability.

I dont think anybody here is saying dont hack, or dont learn , just do it smart. You said you already got busted once, so why temp fate?

Now the phone PA thing. That looks like a low risk chance for some culture hacking. Timing is critical though , once you use it , they will probably change the number.

Keep learning, keep safe.

0

Share this post


Link to post
Share on other sites

You have restricted rights as a minor at a school. You can argue how that sucks etc., but that's the reality.

Considering the reactions that most schools have had in the past regarding a student playing INFOSEC games on their system, you're probably going to be suspended, possibly expelled, and possibly prosecuted. You can argue all you want about how you're helping the school and it's to make a better world, but you're still going to run the risk of getting nailed to a tree. Just like that last guy who ran around trying to help people. He got nailed to a tree too after getting the shit beat out of him.

Hacking really has nothing to do with making the world a better place. That's activism. Hacking is simply another version of better living through chemistry, or actually electronics. Some hackers might have an activist streak, but most just want to play with things.

0

Share this post


Link to post
Share on other sites

I guess I don't have anything to say here. McGrew, Ticom, and Kuiper more or less summed up my thoughts (and said them better than I could have).

0

Share this post


Link to post
Share on other sites

Although I do agree to play nice on somebody else's network I don't agree with your school. I guess I was lucky to have the oppurtunity at my school. There was the student network and the teacher network. They were completely seperated except for the homework hand-in system. The students were responsible for their network and administered by the students. I was lucky enough to be an admin for four years. It was awesome. Thats how I think the schools should take care of the networks and allow the students to grow and mature with hands on learning and giving them the responsability. We learned how to track logins and set up AD with Win 2003 server and WSUS. We learned about imaging and default profiles and how to administer and troubleshoot a cisco system with windows boxes. The most exciting part of the day would be to find a student exploiting the network and catch him. We learned how to train the newbies and handed the network to them my senior year. Greatest Highschool experience ever.

0

Share this post


Link to post
Share on other sites

I really need to get DSL.

Anyway:

I don't do it to fight injustice, or anything like that. Then again, neither do most of the people who claim they are doing it for the "betterment of the world" or "fighting injustice". If you want freedom on the internet, pay for your own connection, take responsibility for your own privacy, and do with it what you will. The best thing you can do at school is to do your schoolwork and make the best of the education you're being given. People, such as yourself, who want to hack their school are not the freedom fighters or idealists that they make themselves out to be. At best, you're just causing a lot of trouble for the likely under-funded IT department that has to manage your school system's networks.

I will take a look at your site when I find the time.

However,

I find your take on this to be a little close-minded unless perhaps I have interpreted it incorrectly. First of all, school is wasting my time. I know what I want to do on this planet, I have my goals and I have most of what I need to reach them. It is the truth. I could outline the classes that I have and I am confident that most people would agree that I am wasting my time. I do not belive that I am a so called "freedom fighter," I just appreciate the true value of what little skills I posess, and I have ideas of where those skills would be of most value. It is definately not hacking my own router in the darkness of my own basement to find out more about how I can secure my own corporate business's routers someday, preventing [true] hackers from bringing down these greedy corporate systems that are essentially harming the world.

This school takes a fascist approach to computing. I have been there since all the old ancient systems were there, and there were never any [major] problems with viruses, hacking, or kids being pervy on the internet. I feel this is wrong.

I am just trying to establish some foundation upon which I base my hacking; a...why I do it, otherwise what's the point? I am also just looking for people who share the same ideas as I do. I think hacking is just so much more than just tinkering.

0

Share this post


Link to post
Share on other sites
I will take a look at your site when I find the time.

However,

I find your take on this to be a little close-minded unless perhaps I have interpreted it incorrectly. First of all, school is wasting my time. I know what I want to do on this planet, I have my goals and I have most of what I need to reach them. It is the truth. I could outline the classes that I have and I am confident that most people would agree that I am wasting my time. I do not belive that I am a so called "freedom fighter," I just appreciate the true value of what little skills I posess, and I have ideas of where those skills would be of most value. It is definately not hacking my own router in the darkness of my own basement to find out more about how I can secure my own corporate business's routers someday, preventing [true] hackers from bringing down these greedy corporate systems that are essentially harming the world.

This school takes a fascist approach to computing. I have been there since all the old ancient systems were there, and there were never any [major] problems with viruses, hacking, or kids being pervy on the internet. I feel this is wrong.

I am just trying to establish some foundation upon which I base my hacking; a...why I do it, otherwise what's the point? I am also just looking for people who share the same ideas as I do. I think hacking is just so much more than just tinkering.

How you choose to spend your time in school should be your choice. Go for it.

0

Share this post


Link to post
Share on other sites

A schools computer network is not just there network, it's protected as other networks are such as library network etc. under the government.

Hacking into a kids computer is something, or even a kids network.

Hacking your way into the schools is another thing, which can turn out to be good, or turn out to be bad, very very VERY bad depending on your school and the law.

Getting caught (which I take it you will, since most people like to brag about how they hacked things to others, esp. teenagers) can get you expelled, and in a law suit and worst.

Go through school, graduate, get a degree, then get certified to do it and hack away on your own network, or your own company's network depending on if you get a job doing IT stuff.

If you want to disagree with me then talk to me on aim, my friend was in the same situation.

AIM = i bangd your gf

0

Share this post


Link to post
Share on other sites

I used to be into that back in early high school. I adopted the handle "Digital Bomb" with absolutely no knowledge of computers (other than user-level) or networks. I used to carry around this Coyote Linux floppy and someone had taught me how to use SAMdump and bkhive. Then pipe that into a text file and try dictionary attacks (and occasionally brute force) with Cain when I got home. Honestly it was never fun and I was always paranoid...and lacking in any real knowledge at all.

I stopped being interested in cracking my school's security system that same year and I moved on to legitimate learning. When I moved and went to a new High School two years later, I made friends with the Principal and Superintendent (and also the Dean). It was kind of easy, once I became the Library intern, to get legitimate access to the network (which was routed by two Cisco 1600's separate from each other, one for public use and one for the computers housing grades; easily connectible with a crossover cable and interface configuration...).

To tell the truth I was the one who hardened the whole system and even made our spying software access differently so that computers would not lag when being spied on (hinting the students to the presence of the ever watchful Mrs. Richart - the Librarian). So I've been on both sides of this and honestly...most school systems are so out of date that a kid with no knowledge can do some damage or go where they honestly shouldn't otherwise go. I say it's not worth the risk -- there's not even a challenge. Hell, our school's printer had a WEB SERVER that you could access remotely with a laptop or such and do whatever you wanted. It's all hokey pokey till someone gets poked in the hokey :D

You'll do whatever you want anyway, but I say don't bother. Go find something to hack that isn't paid for by tax money. Or is a public "hack-me".

0

Share this post


Link to post
Share on other sites
You'll do whatever you want anyway, but I say don't bother. Go find something to hack that isn't paid for by tax money. Or is a public "hack-me".

Well said!

0

Share this post


Link to post
Share on other sites

When I was in high school we used to use predictable password schemes to login as students who didn't change the default password then use thier accounts with proxy's to get around the filters. So that way if we got caught going on aim express in the middle of study hall it wasn't our account that got suspended.

Oh and in my freshman year we still had dos computers. With some kind of proprietary menu system that only gave you access to Microsoft Works, Word Perfect , and Pascal. but if you went into Pascal there was a dos shell in one of the menus, And then i found qbasic, and the all mighty Gorillas game and my teacher was soo confused as to how I found games on the computers.

Same teacher, when we "upgraded" to NT4 the next year thought he was the shit when he started preaching on the first day of class about the cool pinball game that he blocked all access to, and how maybe one day he'll let us play it if we're good. Of course by "blocked all access" he meant took out of the start menu. I just clicked run and browse and ran it and then like 30 seconds later i was in the hallway getting yelled at. I think the exact quote was "YOU DON'T NEED A COMPUTER TO HAVE COMPUTER CLASS!!!" i spent the first two weeks of class on the side of the room with a pen and paper. It was hilarious though.

If you're in high school you can only really get in soo much trouble. If you're going to be a jerk do it then, not in your office when you get a job later on.

0

Share this post


Link to post
Share on other sites
Situation:

Each student is given a login name, usually the first three letters of your first name and the last four of your last name as:

Robert Smith = smitrob

The password is a simple 4-digit numerical code.

Computers are restricted via DNS/Active Directory and the things an admin can do within the Windows Server 2003 environment.

Restrictions:

No cmd prompt.

No right-click on just about everything.

All system tools are diabled.

C:\ directory access disabled.

Mapping drives is disabled.

Executing any .exe/.bat files other than those of certain whitelisted programs is restricted.

IE7 is using a manual Proxy to point to an internet filter server running DansGuardian [blacklist: MySpace.com, FaceBook.com, most proxy sites, most hacking/cracking/phreaking sites, all E-mail sites, etc.)

I have used various tools to get around these restrictions, but I want to get a take of what people on these forums feel about hacking these restrictions since I have had mixed views on every forum that I have been on. Some say that by using the network, you accept the stipulations of that network, but others say that circumventing without the intent of harm of the system only contributes to your personal knowledge and is an okay thing to do. I am an utter novice on phreaking, but I have found the number to use the school's PA system, which I suppose could be considered phreaking.

What do you think?

Current technique: Using a modified boot-floppy to grab system32/config files and crack them, gaining admin access. However, I have been caught doing this once already and am a little hesitant. Any ideas here?

Well Legality's aside, this is pretty easy. The security permissions your looking to circumvent are pushed to the user account via Active Directory, use a local account on the machine. Not going to give you details, there are plenty of ways to do this. The most worthwhile method would be to load a Bart PE CD snatch the windows password file and reverse it using a rainbow table. This should give you the local admin account's password that would be unrestricted. This password is usually kept the same throughout the network but mileage may vary...

Check out Irongeeks's page. And don't be an asshat.

So I take it you hack only your own network to learn of its vounerabilities so that you may one day apply what you have learned to possibly a career as an IT or as an admin of some large corporate business so that your knowledge can aid you in keeping people and programs with malicious intent out of the network that you are responsible for? Perhaps simply as a hobby? Maybe the question I should be asking to everyone is..."why do YOU hack?"

See, I had this idea that hackers & phreakers are one more cog in the gears that are part of the engine that is fighting injustice in this world. Maybe I was all wrong, but I always thought that when people consider themselves "hackers" they are doing their work for the betterment of the world.

If ideas that come from a free, open media in a country are being censored [like the internet in this case], then I am against that notion of thinking and will hack the system to ensure that a particular freedom is granted. Perhaps this thinking is too idealistic, and I am already sure that there will not be sucess in this discussion if the people on these forums are not in this same mindset. I know they are out there, I am just trying to find them. People that hack for the same reason(s) as I feel I should.

Theres a damn good reason people are advising against this sort of activity.... Your going to get caught and from there learn this lesson the hard way like many of us have. You should be working in a lab to hone your skills and learn as much as possible. This is how you survive being a young hacker, your arrogance is what will do you in. At the end of the day you should be doing this for fun, nothing more. And yeah when your skills are worked up you'll probably go into IT and get paid to do what you love to do.

The idea that your going to run off and hack the planet and not get caught is a delusion. Your at most a novice up against an army of experts and masters.

If your school just slaps you on the hand fine, consider it a lesson learned. But a few kids recently got put away for installing key loggers on school computers to escalate privleges... You won't be hacking much from jail or a detention center for sure. The biggest stage of growth for a hacker is when they finally realize they are not and will probably never be the most 1337 hacker on the planet.

Your not going to run off and fight injustices of the world by hacking school networks. In the real world there are reasons for these laws, I don't agree with them all but I try to understand the reason before flying off the handle. Life will kick in shortly and you'll realize your not going to be some militant hero off in the woods of the US. Your going to need a real job to get by, and a lot of work and effort.

In short basically we're saying, take an honest look at your future and the possible lack of it if you get nailed for trying to be 1337 at school.

I really need to get DSL.

Anyway:

I don't do it to fight injustice, or anything like that. Then again, neither do most of the people who claim they are doing it for the "betterment of the world" or "fighting injustice". If you want freedom on the internet, pay for your own connection, take responsibility for your own privacy, and do with it what you will. The best thing you can do at school is to do your schoolwork and make the best of the education you're being given. People, such as yourself, who want to hack their school are not the freedom fighters or idealists that they make themselves out to be. At best, you're just causing a lot of trouble for the likely under-funded IT department that has to manage your school system's networks.

I will take a look at your site when I find the time.

However,

I find your take on this to be a little close-minded unless perhaps I have interpreted it incorrectly. First of all, school is wasting my time. I know what I want to do on this planet, I have my goals and I have most of what I need to reach them. It is the truth. I could outline the classes that I have and I am confident that most people would agree that I am wasting my time. I do not belive that I am a so called "freedom fighter," I just appreciate the true value of what little skills I posess, and I have ideas of where those skills would be of most value. It is definately not hacking my own router in the darkness of my own basement to find out more about how I can secure my own corporate business's routers someday, preventing [true] hackers from bringing down these greedy corporate systems that are essentially harming the world.

This school takes a fascist approach to computing. I have been there since all the old ancient systems were there, and there were never any [major] problems with viruses, hacking, or kids being pervy on the internet. I feel this is wrong.

I am just trying to establish some foundation upon which I base my hacking; a...why I do it, otherwise what's the point? I am also just looking for people who share the same ideas as I do. I think hacking is just so much more than just tinkering.

Agreed High school is usually a waste of time. School is a social system. If you know a bit about social engineering you'll see it in play at every level there. Life is going to be full of pointless time wasting organizations in both your personal and professional life. Now would be a good time to learn how to use these systems to the fullest. Because your not going to win a fight against these systems until you know how to work inside them.

0

Share this post


Link to post
Share on other sites

@Multi-mode:

I find your appraisal of the situation to be very informal and very fair, and I agree with much of what you say. I also appreciate your help on the topic; you being the first to offer an actual procedure/solution to the problem. If I could further request your knowledge, I would inquire about the way that Active Directory and how users are logged. I used to run Windows Server 2003 on a virtual machine and connect a host computer via a crossover cable to learn about how DSN/DHCP and Active Directory work, but I could never get very far because DNS was over my head and I had no money to buy books. Directors at my school wouldn't help me because they were afraid that I would soon "learn too much." So my knowledge on it is limited. My current problem is understanding whether the unauthorized admin logins are logged on the server, and if there is a way to work around this. You have the ability to login as the local machine, and I think that if I disconnect the ethernet cable, login, and then reconnect to establish network functions that it would probably omit me from the logs, although I cannot be sure of this.

I have been to irongeek.com. Very informative. :)

Your not going to run off and fight injustices of the world by hacking school networks. In the real world there are reasons for these laws, I don't agree with them all but I try to understand the reason before flying off the handle. Life will kick in shortly and you'll realize your not going to be some militant hero off in the woods of the US. Your going to need a real job to get by, and a lot of work and effort.

You are right. I am doing my best to learn as much as I can, and I am really coming to the realization that things are not as I think they are. I am eager, and I am arrogant, but I know that I have potential, and I really want to make use of it. Circumstances have just proved to be difficult, having parents who hate computers, being kicked out, having no money, no job, no computer and just wanting to find SOME way to access the internet, and SOME way to mess around with networks. School isn't the best place, and I see that now. I guess my only option is just to read and research until someday I am fortunate enough to have my own networks to mess with.

0

Share this post


Link to post
Share on other sites
I guess my only option is just to read and research until someday I am fortunate enough to have my own networks to mess with.

You can do an awful lot with just one computer if you can scrounge one up. Virtualization is a wonderful thing: you can use VMWare Server to set up some nice multi-machine configurations to play with. I make extensive use of this on a laptop, so I can do my work without having to be tied down to a physical lab. You can get by with pretty modest specs too. The one thing that's of importance with virtualization is plenty of RAM. You can get by with just about anything else scrounge up besides that.

0

Share this post


Link to post
Share on other sites

Ah! I did get the only computer I have left back! (I used to have 6)

I actually have a pretty damn nice computer. An entire summer job's wages went into it:

680i evga

Intel E6600

evga 8800GTS

2GB 800MHz RAM

2x160BG HD

I work with VMware when I get the chance. It works nice, but I haven't really tried to do much networking between virual machines. (It is possible, right?) Virtual machines are quite nice, but I where my knowledge ends are routers. How much can a person know about networks if they have never configured a router? Believe it or not, I haven't. I wish there was some program that was able to emulate networks on a much broader scale. (Where you could add switches, servers, routers, etc. at any point on the network.)

0

Share this post


Link to post
Share on other sites

That machine ought to scream with VMWare.

Complex networks are going to be difficult to set up in the free VMWare Server edition, however VMWare Workstation 6 has support for some more advanced configurations. Check out the user manual for it to see if it would support what you want. You can have multiple virtual machines, and virtual switches. You won't get anything like a Cisco router, although you could use a Linux VM as a router.

For most scenarios, I can come up with a simplified virtual network with a couple of VMs that I can use to test an attack or technique, and have that serve as a proof of concept that could scale to larger networks.

0

Share this post


Link to post
Share on other sites
I made friends with the Principal and Superintendent (and also the Dean).

To tell the truth I was the one who hardened the whole system and even made our spying software access differently so that computers would not lag when being spied on

My name is Davis and I'm a Geek Squad agent.

I'm currently pursuing my dream of becoming a Cisco networking analyst.

/votedraw /votehang /votequarter

0

Share this post


Link to post
Share on other sites

Did you...have a problem with my choice of wording?

0

Share this post


Link to post
Share on other sites

Glad to be of some use :)

Active directory is pretty simple. Rather then storing your password and user details locally on the machine. The are stored on the active directory server. Workstations are setup and "join" the domain. The workstations now have a full trust with that server. Now when a user log's in the workstation connects to the server and validates the login. The details and profile for that user are pushed down. The security policy's pushed down are actually just registry settings pushed via group policy's. The ones you described are included with 2003 server but pretty much any reg edits can be pushed down in this fashion.

Pretty cool for an admin because the can manage the workstations from one place basically.

Wiki for a high level, follow the body links on anything you don't understand....

http://en.wikipedia.org/wiki/Active_Directory

The Microsoft knowledge base has loads and loads of fixes and related information. Google it, and if your really itching to learn run 2003 server in vmware and set up your own domain, then run another vmware instance of xp pro and join the domain. Run wireshark on the hosting box and watch what goes no between them. The network layer is a fun place and is a good place to get started.

With this setup push policy's change configs, basically learn it... You're gonna need this experience in IT, even if your a Linux guy it won't hurt your resume. The nice thing with vmware is that you can pause and save state. Useful for comparing changes made and replaying actions. This won't make you a hacker or "teach you to much". Anyone who worries about "teaching to much" is an asshat. Fuck 'em learn it yourself, you'll probably figure out more then they'll ever know in a month or two... Teaching is good because students provide just as much insight to the teacher then the teacher does the student....

-------------------------------------------------------------------------------------------

DNS is pretty simple... Don't be intimdated.... Basically DNS is Domain name service. It converts www.pr0nsite.com to the IP address the actual computer uses. Ipconfig will show you your DNS server.

But ok how/why does it work... First off computers only talk to IP address's thats how they talk over the Internet.

http://en.wikipedia.org/wiki/Internet_protocol_suite

But humans hate working with numbers... Imagine typing in and remembering 69.59.25.200 every time you come to this site to check the forum?

Imagine granny needing to do it? Life would suck (cuzz granny would always need your help to do it)

So some great thinkers said hey why cant we just use words instead. And DNS was born.

Remember computers still talk with just IP address's so all those words have to match up to an IP somewhere. But heres how the DNS system works. Your computer has a DNS server assigned to it. When it sees www.pr0nsite.com its going to ask its "host file" (look it up) if that site has an IP if not its going to ask your dns server. The dns server will look for a dns record for that site... If it doesn't have a record locally its going to need to go out and find that IP for you.

So globally its pretty simple. You have your root authority denoted by the "." at the end of every dns address.. We don't use a "." at the end but lets just imagine.

www.pr0nsite.com.

The dns server . will hold records for the other dns servers like .com .net .org .us. and so on...

Then the com. server will hold a record for the pr0nsite domain. pr0nsites name server will have a record for www.

So you time www.pr0nsite.com in your browser. If its not in your host file stored locally on the dns server. Your dns server is going to go out and find the site for you. If it doesn't know an IP for the .com dns authority either its going to ask root authority.

Hey . do you have the DNS server name for com.? The root authority will give the IP of the dns authority for .com.

Now your dns server will go to the .com server and say:

Hey com. do your have the dns authority for pr0nsite.com.? it gives the IP of the DNS server there....

Finally your dns server will ask:

He pr0nsite.com. whats the dns record for www.pr0nsite.com.? hopefully that server has a record, if so then it will give your DNS server the IP of the website your visiting. Now your computer knows how to get to where it wants to go... and you get to the pr0nsite :)

Its a little more involved then that but you get the picture. For more read:

http://en.wikipedia.org/wiki/Domain_name_system

If you like to code and really get down and dirty with dns, read the request for comments....

http://www.dns.net/dnsrd/rfc/

--------------------------------------------------------------------------------------------------------------------

My current problem is understanding whether the unauthorized admin logins are logged on the server, and if there is a way to work around this. You have the ability to login as the local machine, and I think that if I disconnect the Ethernet cable, login, and then reconnect to establish network functions that it would probably omit me from the logs, although I cannot be sure of this.

Disconnecting the Ethernet cable isn't going to do anything. The computers going to try and check active directory... If it can't reach the server its going to check to see if the passwords been cached localy... If not its going to deny you access. By changing the domain and logging in locally your bypassing the active directory account and using an account on the machine. The account that you stole the password from with the boot cd :) Its probably not going to help you access the Internet any better if you have to hit a separate proxy to go out but i like to live by the philosophy "you never know what an admin decided to implement(or how)"

You are right. I am doing my best to learn as much as I can, and I am really coming to the realization that things are not as I think they are. I am eager, and I am arrogant, but I know that I have potential, and I really want to make use of it. Circumstances have just proved to be difficult, having parents who hate computers, being kicked out, having no money, no job, no computer and just wanting to find SOME way to access the internet, and SOME way to mess around with networks. School isn't the best place, and I see that now. I guess my only option is just to read and research until someday I am fortunate enough to have my own networks to mess with.

Sounds like computer problems are the least of your worries at the moment.... Make Friends with your local librarian and get some good books on computers... Learn the basics bro.... Do it when you have time... Just relax, shit has a way of working out. Do what you need to do in school.... College sucks a lot less then high school and your going to need the advanced math and science background in your midnight computer sessions.....

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now