Re: Proof that firewalls can be circumvented
From: Morgan Pugh (mpugh@ntlworld.com)Date: 07/08/02
- Next message: Michael Andresen: "Re: Is stealth redundant?"
- Previous message: Don Grover: "Re: What's the deal with port 34?"
- In reply to: Charles Newman: "Re: Proof that firewalls can be circumvented"
- Next in thread: Charles Newman: "Re: Proof that firewalls can be circumvented"
- Reply: Charles Newman: "Re: Proof that firewalls can be circumvented"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Morgan Pugh" <mpugh@ntlworld.com> Date: Mon, 8 Jul 2002 18:18:18 +0100
firstly traceroute (tracert) shows YOUR connection to the internet,
basically it shows you how the system that trace route was run on how it
gets to the specified location, eg if i tracert yahoo.com it will go through
the LYNX Exchange etc as that is how i get there from my computer, if you do
it from a work computer of course it will show your company network, also
remember 99% of internet traffic goes through open routers that big
companies have and share for internet use, a company i worked for had
several routers which were used to transfer data for the whole city as they
had the capabilities.
Also if someone is fired for illegal activities etc, the employer CAN
mention it, it isnt slander etc, infact the employee is ment to mention it,
it is like if you go for a job and dont say you have a criminal record. Yes
alot of employers do use illegal services/PI before employing people.
Also not gateway is "secret" if you are using a companies computer
EVERYTHING you do is monitored, remember you are using there system, they
see everything that goes on, if it is encrypted and can still monitor it,
just not understand what is being sent. Also every company i know uses some
sort of remote administration tool, like an advanced VNC that runs in
stealth and cannot be disabled unless you are the local/network
administrator. I have seen this at my current job where people have been
caught showing porn to friends but using floppy disks and cdr to store them.
If you think you can bypass security systems you are stupid, if you knew
more than the administrators then you would probably have there job,
remember there is always someone who knows more than you and 99% of the time
it is the person you think who knows less. dont be stupid, dont let your
friend lose their job over IRC, it isnt worth it.
"Charles Newman" <charlesnewman1@attbi.com> wrote in message
news:skUV8.310864$6m5.296565@rwcrnsc51.ops.asp.att.net...
>
> "Morgan Pugh" <mpugh@ntlworld.com> wrote in message
> news:yHKV8.26566$MM5.2731900@newsfep2-win.server.ntli.net...
> > You obviously have no idea about proxy filtering, and your friend is
> walking
> > on a very thin rope with no support over a very deep hole which if she
> falls
> > into will probably never get out of (basically she is looking to get
> herself
> > fired for breeching network security, a MAJOR issue in the UK and US and
> > probably everywhere else, i wouldnt hire ANYONE if they had been fired
for
> > something related to a breech in security, that is me though i guess
some
> > people will)
>
> Of course, finding out that someone was fired for something like
that
> might
> be difficult. Becuase everybody is so sue-happy in the U.S., many
employers
> will not give any reference, one way or the other. They will only say that
> the person worked there, but will not go beyond that. There is just too
> much liability in giving any reference one way or another. They will only
> give "Name, Rank, and Serial Number", and that is it. Employers can, and
> do, resort to illegal means to get the information. I have heard of a
:"rent
> a hacker" service, supposedly based in the Middle East, that will break
> into any computer, and steal any information, for about $2000.
>
> >
> > your friend is probably just using Bouncer or another similar program
> which
> > just opens a port and forwards all data from it to another destination,
it
> > isnt clever and even very poor admins know about it as it is so easy and
> > mentioned alot on the internet. The logs will have it recorded and she
> WILL
> > get caught one day, just because they have not caught her yet (or told
her
>
> > they have evidence) does not mean she is in teh clear, they might just
be
> > waiting until she gets caught saying something she shouldnt, or sending
> > someone copyrighted software etc. alot of companies wait until the
> employee
> > does something illegal such as mention classified company data which
they
> > have signed a contract of confidentiality. This would mean the employee
> > would probably NEVER get another job. Companies DO DO THIS! i have seen
> very
> > similar things with phone conversations being recorded, all the other
data
> > "gets lost" and they say they got the evidence during a "routine
employee
> > security check" etc.
> >
> > If i was you i would ask your friend a question, is chatting on IRC
worth
> > her job? i HIGHLY doubt it is!
>
> Hey, before the admins at that site fixed their system not to show a
> person's internet address in the output of /whois, I used to see a lot of
> people there logged on from corporate networks. In fact, their heaviest
> traffic has always been during the daytime. I was taking one computer
> class at the time, and I was practicing the tracert command in Windows,
> and I tested it on people who were logged onto the chat server, and
> it was amazing how many were logged from workplace networks, it
> just boggled my mind how many people were surfing that chat site
> from their workplace. I found that site when I was doing a research
> paper on the subject of such surfing, in college, and did find on
> virtually all the adult chat servers, that people were logged in from
> corporate networks, and in large numbers.
> This guy also installed a Java-based "secret" gateway, for a
> monthly subscription fee, that will allow you to surf his sute from
> work and not be detected. It uses non-standard ports, and
> encrypted data packets, so that packet sniffers, such as Snort, will
> not be able to detect what you are doing. Bascially, somebody could
> be using this "secret" gateway to surf his chat site, from your corporate
> network, and you would never detect it. He designed it, so that it would
> sneak under Snort, or any other packet sniffing program. Encrypted
> data packets render programs, such as Snort, useless in detecting
> such data. He built his system to evade corporate filtering.
> Someone could be using this "secret" gateway from your corporate
> network right now, and you would not be able to detect it.
>
>
> >
> > I think people who, at work, use IRC, Napster (or alike) etc are stupid,
> > they can wait until they get home to use it, if not they need
professional
> > help.
> > "Charles Newman" <charlesnewman1@attbi.com> wrote in message
> > news:srlV8.410007$352.53049@sccrnsc02...
> > >
> > >
> > > On one adult chat room I like to go to, there is one woman who
gets
> > > around her
> > > company firewalls to get on during the day, and her company has no
CLUE
> > she
> > > is doing this. What she does is set up a proxy sever on her home PC,
and
> > > then
> > > configures mIRC on her work PC to go through the proxy on her home PC,
> to
> > > get to the chat room. She also sets the listening ports on her proxy
on
> > > ports
> > > other than 23 or 1080, so her activities are far less likely to be
> > noticed.
> > > Since her home PC is being used to access the chat room, the
admins
> > at
> > > her
> > > company are CLUELESS to what she is going. So to all your admins out
> > there,
> > > who invest tens of thousands dollars on filtering software and
> firewalls,
> > > just be aware
> > > that one astute user, like this woman, can get around it, and you will
> > never
> > > know
> > > what they are up to.
> > >
> > >
> > >
> >
> >
>
>
- Next message: Michael Andresen: "Re: Is stealth redundant?"
- Previous message: Don Grover: "Re: What's the deal with port 34?"
- In reply to: Charles Newman: "Re: Proof that firewalls can be circumvented"
- Next in thread: Charles Newman: "Re: Proof that firewalls can be circumvented"
- Reply: Charles Newman: "Re: Proof that firewalls can be circumvented"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
