Re: Can't connect via VNC from work to home

From: Moe Trin (ibuprofin_at_painkiller.example.tld)
Date: 02/16/05


Date: Wed, 16 Feb 2005 13:50:41 -0600

In article <Xns95FED2DD3FC98juergennieveler@nieveler.org>, Juergen Nieveler
wrote:

>ejfudd820@hotmail.com wrote:

Oh, our self proclaimed expert on circumventing security.

>> However, you can boost the range with quite a number of antenna
>> designs. I have heard of a "stew can" antenna which is a much more
>> efficient radiator than a Pringles can. Someone could be using one of
>> these in a more distant part of the office.

who doesn't even understand the buzzwords - efficiency relates to losses
due to reflection coefficients, mismatch loss, resistive loss, and the
uniformity of the resulting pattern - generally speaking, how accurately
the antenna was fabricated. The word he wants is 'gain'. His experts in
the chatroom also don't understand the term 'wavelength' and how that
relates to the dimensions of waveguide style antennas. I'm surprised one
of the jerks hasn't spoken about the real killer antenna made out of a 33
gallon trash can (roughly 50 cm diameter, 90 cm tall) - it's so big it must
have a bazillion decibels of gain. Something like that gadget they advertise
to "turn your house wiring into a Giant TV antenna" - you know, the one
with a picture of a 100 meter radio telescope antenna in the background.

>While people would probably not notice somebody using a private laptop,

They would here.

>> This is why the company would probably need a spectrum analyser. If
>> someone is using a high-gain antenna and coming from a more distant
>> part of the building, they would need one of these to find the offending
>> computer.

The expert also has no concept of what spectrum analyzers are, what the
display of an 802.x link would look like on such a tool, nor how the signal
even reaches the display. Antenna patterns? Wazzat? That s00p3r 31337
toolz called 'NetStumbler'? Never heard of it.

>Not even then. The Admin would still notice an unknown MAC in the
>network - or did your friend sneak the MAC of the WLAN-card into the
>asset database?

Well, all of his buddies in that chatroom are really 31337 - so of course
they hacked in. They even figured out what financial reporting center the
hardware should be billed to. They learned that trick from Chris Stoll's
book.

>In an ActiveDirectory, the Admin could also notice that a machine
>registered in DHCP was not a member of the domain. He could see a
>workgroup where only domain members should be. He could see a machine
>that doesn't have an SMS agent on it.

We don't use DHCP, never mind windoze, but the passive fingerprinting tool
that we use would notice the intruder before it completed its first three-
way-handshake.

>Plenty of ways to detect machines around the network that don't belong
>there - and if you find an unknown machine connected to a WLAN, the
>worst case scenario kicks in immediately: Script Kiddie alert, a
>wardriver has infiltrated your net. The Admins would conduct a thorough
>search of the area, and any computer without an asset tag would
>immediately be confiscated.

It's not just the admins - security would be with us. And yes, we also do
an immediate autopsy on the confiscated box. Actually, last month we had
three false alarms like that - one of the IT techs setting up new systems
managed to typo the messages about new hardware. He no longer works here.

        Old guy
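
The checks described in the quoted text above (an unknown MAC that is not in the asset database, a DHCP-registered machine that is not a domain member) can be sketched as follows. This is an added example, not part of the original post; it assumes lease data in ISC dhcpd.leases-style syntax, and the asset list, domain member list, sample values and function names are all constructed for illustration.

```python
import re

# Constructed sample data (assumption): dhcpd.leases-style syntax, one lease per line.
LEASES = '''
lease 10.0.0.21 { hardware ethernet 00:0c:29:aa:bb:01; client-hostname "ws-accounting-07"; }
lease 10.0.0.37 { hardware ethernet 00:0c:29:aa:bb:02; client-hostname "ws-eng-12"; }
lease 10.0.0.88 { hardware ethernet 00:13:ce:12:34:56; client-hostname "laptop"; }
'''
ASSET_MACS = {"00-0C-29-AA-BB-01", "000c.29aa.bb02"}  # mixed notations on purpose
DOMAIN_MEMBERS = {"WS-ACCOUNTING-07"}                 # hosts joined to the domain

LEASE_RE = re.compile(r'lease\s+(?P<ip>[\d.]+)\s*\{(?P<body>.*?)\}', re.S)
MAC_RE = re.compile(r'hardware\s+ethernet\s+([0-9A-Fa-f:]+);')
HOST_RE = re.compile(r'client-hostname\s+"([^"]*)";')

def norm_mac(mac):
    """Reduce any common MAC notation to 12 lowercase hex digits."""
    digits = re.sub(r'[^0-9a-fA-F]', '', mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def parse_leases(text):
    """Yield (ip, normalized_mac, hostname) for each lease that carries a MAC."""
    for m in LEASE_RE.finditer(text):
        mac = MAC_RE.search(m['body'])
        host = HOST_RE.search(m['body'])
        if mac:
            yield m['ip'], norm_mac(mac.group(1)), (host.group(1) if host else "")

def audit(lease_text, asset_macs, domain_members):
    """Return leases that fail the asset-database or domain-membership check."""
    known = {norm_mac(m) for m in asset_macs}
    members = {h.lower() for h in domain_members}
    findings = []
    for ip, mac, host in parse_leases(lease_text):
        reasons = []
        if mac not in known:
            reasons.append("MAC not in asset database")
        if host.lower() not in members:
            reasons.append("not a domain member")
        if reasons:
            findings.append((ip, mac, host, reasons))
    return findings

if __name__ == "__main__":
    for ip, mac, host, reasons in audit(LEASES, ASSET_MACS, DOMAIN_MEMBERS):
        print(f"{ip} {mac} {host or '<no hostname>'}: {'; '.join(reasons)}")
```

Normalizing the MAC before comparison matters because inventory systems, switches and DHCP servers commonly write the same address in different notations.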