Re: Proof that firewalls can be circumvented

From: Charles Newman (charlesnewman1@attbi.com)
Date: 07/07/02


From: "Charles Newman" <charlesnewman1@attbi.com>
Date: Sun, 07 Jul 2002 10:02:00 GMT


"Morgan Pugh" <mpugh@ntlworld.com> wrote in message
news:yHKV8.26566$MM5.2731900@newsfep2-win.server.ntli.net...
> You obviously have no idea about proxy filtering, and your friend is walking
> on a very thin rope with no support over a very deep hole which if she falls
> into will probably never get out of (basically she is looking to get herself
> fired for breaching network security, a MAJOR issue in the UK and US and
> probably everywhere else, I wouldn't hire ANYONE if they had been fired for
> something related to a breach in security, that is me though I guess some
> people will)

      Of course, finding out that someone was fired for something like that might
be difficult. Because everybody is so sue-happy in the U.S., many employers
will not give any reference, one way or the other. They will only say that
the person worked there, but will not go beyond that. There is just too
much liability in giving any reference one way or another. They will only
give "Name, Rank, and Serial Number", and that is it. Employers can, and
do, resort to illegal means to get the information. I have heard of a "rent
a hacker" service, supposedly based in the Middle East, that will break
into any computer, and steal any information, for about $2000.

>
> your friend is probably just using Bouncer or another similar program which
> just opens a port and forwards all data from it to another destination, it
> isn't clever and even very poor admins know about it as it is so easy and
> mentioned a lot on the internet. The logs will have it recorded and she WILL
> get caught one day, just because they have not caught her yet (or told her
> they have evidence) does not mean she is in the clear, they might just be
> waiting until she gets caught saying something she shouldn't, or sending
> someone copyrighted software etc. a lot of companies wait until the employee
> does something illegal such as mention classified company data which they
> have signed a contract of confidentiality. This would mean the employee
> would probably NEVER get another job. Companies DO DO THIS! I have seen very
> similar things with phone conversations being recorded, all the other data
> "gets lost" and they say they got the evidence during a "routine employee
> security check" etc.
>
> If I was you I would ask your friend a question, is chatting on IRC worth
> her job? I HIGHLY doubt it is!

    Hey, before the admins at that site fixed their system not to show a
person's internet address in the output of /whois, I used to see a lot of
people there logged on from corporate networks. In fact, their heaviest
traffic has always been during the daytime. I was taking one computer
class at the time, and I was practicing the tracert command in Windows,
and I tested it on people who were logged onto the chat server, and
it was amazing how many were logged from workplace networks, it
just boggled my mind how many people were surfing that chat site
from their workplace. I found that site when I was doing a research
paper on the subject of such surfing, in college, and did find on
virtually all the adult chat servers, that people were logged in from
corporate networks, and in large numbers.
       This guy also installed a Java-based "secret" gateway, for a
monthly subscription fee, that will allow you to surf his site from
work and not be detected. It uses non-standard ports, and
encrypted data packets, so that packet sniffers, such as Snort, will
not be able to detect what you are doing. Basically, somebody could
be using this "secret" gateway to surf his chat site, from your corporate
network, and you would never detect it. He designed it, so that it would
sneak under Snort, or any other packet sniffing program. Encrypted
data packets render programs, such as Snort, useless in detecting
such data. He built his system to evade corporate filtering.
      Someone could be using this "secret" gateway from your corporate
network right now, and you would not be able to detect it.

>
> I think people who, at work, use IRC, Napster (or alike) etc are stupid,
> they can wait until they get home to use it, if not they need professional
> help.
> "Charles Newman" <charlesnewman1@attbi.com> wrote in message
> news:srlV8.410007$352.53049@sccrnsc02...
> >
> >
> > On one adult chat room I like to go to, there is one woman who gets
> > around her company firewalls to get on during the day, and her company
> > has no CLUE she is doing this. What she does is set up a proxy server on
> > her home PC, and then configures mIRC on her work PC to go through the
> > proxy on her home PC, to get to the chat room. She also sets the
> > listening ports on her proxy on ports other than 23 or 1080, so her
> > activities are far less likely to be noticed.
> > Since her home PC is being used to access the chat room, the admins at
> > her company are CLUELESS to what she is doing. So to all you admins out
> > there, who invest tens of thousands of dollars on filtering software and
> > firewalls, just be aware that one astute user, like this woman, can get
> > around it, and you will never know what they are up to.
> >
> >
> >
>
>
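
The thread turns on whether a relay on a non-standard port shows up in logs. As an added example (not part of the original posts), this is a flow-log check that looks only at connection metadata, not packet contents. The record layout, internal range, approved-port list and one-hour threshold are assumptions, and the sample flows are constructed.

```python
import ipaddress
from collections import defaultdict

# Constructed flow records (not from the thread):
# (source, destination, destination port, session length in seconds)
FLOWS = [
    ("10.1.4.23", "203.0.113.80", 443, 12),
    ("10.1.4.23", "198.51.100.7", 8443, 5400),
    ("10.1.4.23", "198.51.100.7", 8443, 7200),
    ("10.1.9.51", "203.0.113.25", 25, 3),
    ("10.1.9.51", "192.0.2.44", 6667, 40),
    ("10.1.7.12", "10.1.0.5", 3128, 9000),   # internal-to-internal, ignored
]

INTERNAL = ipaddress.ip_network("10.0.0.0/8")   # assumed internal range
APPROVED_EGRESS_PORTS = {25, 53, 80, 443}       # assumed site egress policy
MIN_TOTAL_SECONDS = 3600                        # assumed threshold per log window


def suspect_relays(flows):
    """Return (src, dst, port, total_seconds, sessions) for workstations that
    hold long sessions to one external host on a port outside the approved
    list. Only metadata is used, so payload encryption does not matter."""
    totals = defaultdict(lambda: [0, 0])
    for src, dst, port, seconds in flows:
        if ipaddress.ip_address(src) not in INTERNAL:
            continue                      # not one of our workstations
        if ipaddress.ip_address(dst) in INTERNAL:
            continue                      # never leaves the network
        if port in APPROVED_EGRESS_PORTS:
            continue                      # covered by ordinary proxy logs
        entry = totals[(src, dst, port)]
        entry[0] += seconds
        entry[1] += 1
    hits = [(s, d, p, t, n) for (s, d, p), (t, n) in totals.items()
            if t >= MIN_TOTAL_SECONDS]
    return sorted(hits, key=lambda h: -h[3])


if __name__ == "__main__":
    for hit in suspect_relays(FLOWS):
        print("review: %s -> %s:%d, %d s over %d sessions" % hit)
```
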


