Andy_Copland

VPN Tunnel (IT Help)


A while back I got cut off at work for post whoring.

Well, one of the guys who heads up IT put another computer in the office that has net. I told him I was cut off for post whoring and he said download VPN Tunnel, saying that if installed onto the computer I can browse and do what the fuck I want as the filter won't work.

Anyone know about this?

People aint made of nothin' but water and shit.

Until morale improves, the beatings will continue.

He's referring to a Virtual Private Network... for example I can log in to the PC at my home and in theory use that network to go to places that I wouldn't be able to while at work.

Because I'm using that computer's resources to connect... but it's not the most efficient manner to communicate with the outside world. I imagine your friend is suggesting you use the computer that is allowed to connect to dz.com to get to the internet... but that's just my guess and I could be wrong... it sounds pretty inefficient as well as being somewhat of a resource hog...
Livin' on the Edge... sleeping with my rigger's wife...

Right but I think the concern should be that he was "slapped" for postwhoring.

Technically I would think that if management wanted to be pissy, you can get fired for installing and using VPN to another system on company property [:/]. Trying to circumvent restrictions put on him for breaking rules.

But that is for him to determine. If he wants to take that risk.
She is not a "Dumb Blonde" - She is a "Light-Haired Detour Off The Information Superhighway."
eeneR
TF#72, FB#4130, Incauto

Quote

The computer in question is used by about 7 people and many can have access to it. There is one login.



Yes, but they will still have logs of when the program was accessed. Unless various people are literally on and off the computer all day long, it's not hard to correlate program usage against a specific person...even with a shared logon.
Mike
I love you, Shannon and Jim.
POPS 9708 , SCR 14706

Most VPNs are point to point, be it via a "dial-in" basis where people use a client software to create a secure tunnel to a protected resource behind one or more firewalls, or via routers or other VPN devices at either end that create the encrypted tunnel between resources. For instance, I install and maintain VPN connections for grade and middle schools to access each other and the Internet via a much larger backbone. We don't want the traffic from either side, theirs (the schools') or ours, to "touch" each other, so I create tunnels across our backbone that allow their traffic to pass across our network infrastructure to each other and beyond without actually touching our network traffic. But even with "dial in" access via a client piece, you must know the end piece you are trying to connect to and either have an account at that end or otherwise have access to that distant end by way of their policies.
Kevin - Sonic Beef #5 - OrFun #28
"I never take myself too seriously, 'cuz everybody know fat birds don't fly." - FLC
Online communities: proof that people never mature much past high school.

Yup... very inefficient. The only reason I can think of why they might want to do something like that would be to bypass some sort of PORT blocking rule that has no IP addr specified for source or destination traffic. If your deal is browsing blocked sites, THEN the most efficient way to do that is proxying yourself through a free anonymous proxy service on the internet. There are tons of them and the content filtering rules/devices usually have a hard time keeping track of all of them.
Anyway, if the IT admin is a real BOFH he can very easily... (among other stuff)...
-Disable changing proxy server settings for IE (or other funky shit) through domain policies
-Enforce FW rules with SRC and DST IP addresses and DENY all others
-BLOCK all other outgoing protocols to make sure you don't tunnel yourself through VoIP protocols for example.
-Use content filtering devices that upgrade on a daily basis
-AND finally, plug in an IPS device that can correlate events so as to catch all the bad things you do MORE THAN ONCE.

Believe me... he can really screw with your life if he has the knowledge for it... but then again, that does not happen really often. That's why we, security consultants, have TONS of work and have so much fun screwing others ;):D:D
_______________________________________
White cute poodle puppy found. Approximately six months of age. Blue collar but no tags. Very friendly.
Tasted like chicken

Quote

This isn't a morality question, we all know I have none :P

I just want to be able to read dropzone while at work without fear of getting spanked by the aging witch of a boss :D



That is my point, there is a good chance that you will get spanked and possibly fired. If you have been warned once already, this is taking it a step further. Which could cost you your job.

If it were just a general rule slapped down on EVERYONE might be a bit different ;)

Not morality, just common sense. Take the risk if you don't think they will take this another level higher, just remember you are tampering with company equipment is all.

We all sneak around and do things we shouldn't ;)
She is not a "Dumb Blonde" - She is a "Light-Haired Detour Off The Information Superhighway."
eeneR
TF#72, FB#4130, Incauto

Quote


What about VNV Viewer? I'm sure he said something like that... maybe...



You are probably referring to VNC. This is a small, very insecure piece of software used to take control over a remote system. This was used as a Trojan-horse-like software before there were any Trojans... or before they became so popular. I don't believe that your home computer will last more than a DAY if you use that... I mean... you WILL be able to remotely control it from your office, but so will lots of other people you don't know :D
_______________________________________
White cute poodle puppy found. Approximately six months of age. Blue collar but no tags. Very friendly.
Tasted like chicken

I believe you are referring to VNC. You can read up on it and get links to downloads at http://en.wikipedia.org/wiki/VNC

Using VNC, Windows XP Remote Desktop (RDP), GoToMyPC, etc. all do basically the same thing: let you remote control another PC somewhere else over a network connection, which may be over a VPN (encrypted tunnel), SSL encryption, or not.

Assuming for the moment that you have a PC at home that is always on, connected to the Internet over a broadband connection (DSL, cable, wireless, etc.), you could install the remote control server piece on your home PC; you may need to open ports or do IP forwarding on your Internet router to allow inbound connections from the Internet to your PC.

Then you install the appropriate remote control client on your work computer. When you connect to your home computer, you effectively have a remote view into the screen of your home PC. If you launch a web browser on your home PC (remotely from your work PC), the work network staff will only see a connection from your work PC to the home PC, but if you surf websites using the browser on your home PC, they won't know where you're going from there. Assuming you use a product that is encrypted, they won't be able to sniff the content of your activities either (unless there is a keyboard logger installed on your work PC). The networking guys will only see the connection from work to an obscure IP address; they won't see that you're browsing www.britneyspearswithoutpanties.com on your home PC. That browsing session only goes from your home PC to the target website.

This all assumes that your work firewalls don't block the remote control ports that a given product uses, or restricts your ability to install software. That might require some experimenting.

www.gotomypc.com might be the simplest, since it doesn't require a client, and should work over ports that are already open at work, namely port 80 (http) and port 443 (https SSL).

Hope that helps.

Quote

Assuming you use a product that is encrypted, they won't be able to sniff the content of your activities either (unless there is a keyboard logger installed on your work PC)



This is not ENTIRELY true... it might have been several years ago, but it's no longer true. Content filtering devices, IPSs and other traffic/protocol fingerprinting systems do actually use a MIM (man in the middle) kind of technique to monitor SSL and/or encrypted traffic while retaining true end-to-end SSL-based security. B|
It's VERY easy to block this kind of traffic... but... as I said before, this kind of admin is not THAT common.
_______________________________________
White cute poodle puppy found. Approximately six months of age. Blue collar but no tags. Very friendly.
Tasted like chicken

There you go... Free proxy service. :) Nice link!! You don't have to change any proxy settings and it does remain proxying your connection even if you press links and/or log into a webpage. Awesome!! ;)
_______________________________________
White cute poodle puppy found. Approximately six months of age. Blue collar but no tags. Very friendly.
Tasted like chicken

Quote

A while back I got cut off at work for post whoring.

Well, one of the guys who heads up IT put another computer in the office that has net. I told him I was cut off for post whoring and he said download VPN Tunnel, saying that if installed onto the computer I can browse and do what the fuck I want as the filter won't work.

Anyone know about this?



Yep. I know that if your boss wants to can your ass, and you try some of these ideas, the boss can see what you are doing much easier than you would guess.

What type of remote support software does your company use? I can look at work PC's without the user knowing I am watching them. There are sooooooo many programs to do that with.

And the VPN tunnel...well it has to point to your somewhere, right? Do you think it would be very hard to figure out where that VPN tunnel is connecting to?

Search the web for "packet sniffing", and see what you think about that. I was searching for network problems, and I found one of my guys working the late shift chatting for a few hours. He was supposed to be training a new guy, and getting his rear back on days and a bit more productive work.

If you don't care about the job, just surf from the non-restricted PC. If you want to hide your sneaking around the rules, try a proxy server, set up a VPN tunnel (although I wouldn't have guessed you have a VPN server at your home, most people don't), or one of the other suggestions above.

I think the simple solution is to surf without any sneaky stuff, wait for someone to figure out what you are doing, and then you can find a new job where you can surf without any restrictions.

But do google "packet sniffing." I think you might find it enlightening.

Just my uncensored two cents worth of crap for you.

J

It wouldn't bother you if your sneaking around the restrictions caused a few problems on your company's network, right? Nothing like a notwork to make your coworker's day. Maybe your home network uses the same IP range as your work address. [:/][:/][:/][:/][:/]

Quote

So this will let me view DZ.com and not get my arse chewed?



Not likely. All it is going to do is change the system logs from dropzone.com to proxyblah.com.

What your buddy was suggesting to you is that you create a VPN connection to another computer that allows the outgoing traffic to be from that computer. That will work. The only thing that they are going to be able to tell is that you have an awful lot of encrypted traffic going through the system. That in and of itself is a much bigger thing to be worrying about. Though they might not actually be watching for that kind of traffic.

One of my friend's company just switched their remote office over to a system that connects through their home office. He has a Linux box at home that he SSHs to and then tunnels all his web traffic through that. They don't know what he is looking at, just that he sends a lot of encrypted data. The bottom line of it all though is that it is pretty easy to bust you on it.

There is just about nothing you can do on your computer to keep IT from knowing what you are up to. There are ways around just about everything that you could do to hide what you are up to. I would say to just do work while you are at work but that would be a little hypocritical. Being that I am in IT deleting and or parsing my traffic out of the web logs is something easy to do before anyone who would care can see them.
~D
Where troubles melt like lemon drops Away above the chimney tops That's where you'll find me.
Swooping is taking one last poke at the bear before escaping its cave - davelepka
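
Several replies above note that a tunnel hides the destination sites but leaves a visible pattern: a lot of encrypted traffic from one workstation to one outside address. The sketch below is an added example, not part of the thread or any poster's code, showing how a network team could flag that pattern from flow logs. The flow records, thresholds and port list are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample flow records (not from the thread):
# (internal_src, external_dst, dst_port, total_bytes, duration_seconds)
FLOWS = [
    ("10.0.5.21", "203.0.113.40", 22, 480_000_000, 14_400),
    ("10.0.5.21", "198.51.100.7", 443, 1_200_000, 35),
    ("10.0.5.33", "198.51.100.7", 443, 2_500_000, 60),
    ("10.0.5.33", "198.51.100.9", 443, 3_100_000, 42),
    ("10.0.5.33", "192.0.2.80", 443, 1_900_000, 28),
    ("10.0.5.47", "203.0.113.99", 443, 310_000_000, 9_000),
    ("10.0.5.47", "198.51.100.9", 443, 900_000, 20),
]

# Assumed list of ports that usually carry encrypted sessions:
# SSH, HTTPS, OpenVPN default, PPTP control.
ENCRYPTED_PORTS = {22, 443, 1194, 1723}


def tunnel_suspects(flows, min_bytes=100_000_000, min_share=0.9,
                    min_duration=3600):
    """Return (src, dst, bytes, share) for hosts whose encrypted traffic is
    dominated by one long-lived, high-volume external destination."""
    # per_host[src][dst] = [bytes to dst, longest single flow in seconds]
    per_host = defaultdict(lambda: defaultdict(lambda: [0, 0]))
    for src, dst, port, nbytes, secs in flows:
        if port in ENCRYPTED_PORTS:
            entry = per_host[src][dst]
            entry[0] += nbytes
            entry[1] = max(entry[1], secs)

    suspects = []
    for src, dsts in per_host.items():
        total = sum(b for b, _ in dsts.values())
        if total == 0:
            continue  # only zero-byte flows seen; nothing to rank
        top_dst, (top_bytes, longest) = max(dsts.items(),
                                            key=lambda kv: kv[1][0])
        share = top_bytes / total
        # Normal browsing spreads over many short flows; a tunnel shows up
        # as one destination holding most of the bytes for a long time.
        if (top_bytes >= min_bytes and share >= min_share
                and longest >= min_duration):
            suspects.append((src, top_dst, top_bytes, share))
    return sorted(suspects)
```

A hit is a lead for review rather than proof of a tunnel: backup agents and software updates can produce the same shape, so the destination still has to be checked against known business services.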
