Re: Blocking Unauthorized Remote Access



X-No-Archive: Yes

Leythos wrote:
In article <1159182786.342496.305710@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>,
chilly8@xxxxxxxxxxx says...
X-No-Archive: Yes

Leythos wrote:
In article <1159180429.869947.242170@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>,
chilly8@xxxxxxxxxxx says...
Well, what hour of the day I do my show depends on where I am in the
world. I was in the USA the other day, and was on during the "working
hours" in the western USA. That is when I had the caller from Vegas on
my program.

What you fail to understand is that many administrators look for just
that type of think - and streaming audio/video is very easy to spot.

Not if the bandwidth usage is kept very low. For a talk show, the
audio quality does not need to be that high. I use 24K on the live 365
feed, and the backup feed I have, that kicks on if Live 365 goes down,
streams at 10K.. Either way, the bandwidth usage is kept very low, and
wold not be stand out in any usage reports, becuase it will look like
ordinary Web traffic.

Wrong, it's easy to spot, the connection is maintained while the user
listens - it's very easy to spot. Any firewall/security setup that
doesn't allow unrestricted outbound will block your site also.

In the case of a properly configured security solution you would never
stand a chance of your show reaching the target people.

However, there are STILL the citywide public WiFi networks. One could
disconnect their workstation from the office network, and plug in to
the citywide WiFi network (if your city has one). Just disconnect the
computer fro the office network, plug in a USB wireless network card,
re-boot the system, and you are good to go.

Ha, Ha, Ha - and what makes you think that Admins don't monitor the
event logs for their nodes? What makes you think an admin would not see
the addition of a USB device in the event logs... What makes you think
that admins leave USB enabled on all machines...

However, if they machine is not connected to the network, there
are no event logs on the server. I am talking about disconnecting
entirely from the company network. If you are not on the network, there
is no event log.

Several of us, those that design secure networks, have already shown how
easy it is to block your data from being reached, as people become more
aware of that type of threat to productivity and security they will also
start blocking it.

A talk show would be hardly a threat to network security. About the
only ones that would consider our talk show a serious threat would be
the right-wing nutjobs who do not like my anti-Bush commentary.

Anything that is not approved, as a general rule, is a threat to
security. It's also a threat to productivity which an cost the company
even more in some cases.

Well, Live365 runs a secure network. Every time you switch the live
broadcasting, from automated "basic" mode, you are dynamically assigned
a new address for your users to connect to to listen. It does two
things. It improves security for their network, and it also makes it
harder for admins to stamp out. They may block one address and port for
a particular Live 365 live broadcaster, but the next time they go live,
there will be a new address that will require the admin to block, the
"whack a mole'" scenario as one user put it. To block Live 365 live
streams, admins wold be playing "Whack A Mole" all the time, as Live
365 dynamically changed the address a particular broadcaster was
assigned.

[snipped crap]

Anything that a user can do on a company network can and will be
detected if the company wants to see it. Streaming audio/video is the
easiest to detect, even at your low bit rate, and it's even easier to
block.

Wll, in the case of the one Fox reporter who called my show to chew
my ass out for my political beliefs, her use of an encrypted tunnel to
get to my show means her admins will NEVER know what she was doing on
that encrypted tunnel.

.



Relevant Pages

  • Re: Removing ping/icmp from a network
    ... vendors / admins / whatever. ... A ping sweep isn't the only way to do network exploration. ... which won't gain you any security. ...
    (Security-Basics)
  • Re: Permissions (EVERYONE POST TO THIS)
    ... I'm just a home user trying to run a peer-to-peer network ... Security concerns aside, why ... and log somebody in as administrator every time they want ... I don't allow other admins to dictate ...
    (microsoft.public.win2000.security)
  • Re: /etc/permissions
    ... > me that's just security by obscurity, ... some measures could create an additional difficulty for a malicious user. ... from a particular network, etc..). ... This way all admins who can read those files anyway by su-ing into root ...
    (FreeBSD-Security)
  • AW: How to stop Admins from sniffing ?
    ... I agree to and understand the arguments about security issues, ... Betreff: RE: How to stop Admins from sniffing? ... This would prevent network sniffing of web traffic only. ...
    (Security-Basics)
  • Re: Microsoft Announces Strategic Technology Protection Program
    ... Most Admins (at least ... the way *everyone* should do security. ... Every network is different and each ... KiXtart scripts is child's play by comparison. ...
    (Focus-Microsoft)