Gaming from the office (thought the router?)

[Lerm]

Hello everyone.
*ducks to avoid the empty jolt cola bottles hurled his way for starting a new thread.*

I'm trying to discover how (if possible at all) a user on my workplace network can successfully run an MMORPG.

The PC is new enough and will just barely meet the graphics demands of this online game (Shadowbane). The dilema is that the game requires connections on multiple ports. The network is 1 division of a government network and the harware routers at our sites are administered by a seperate IT Division. The IT Administrators within our division have complete control over everything INSIDE the routers but NOT access to the routers themselves. The IT Division is too busy to deal with "general inquiries" re: router configurations and which ports are open/blocked and frankly, I don't want to get anyone in trouble at that level... if it can be avoided.

What I want to know is this...
If the only firewall is at the router, and I don't have access to the router, is there anyway to detect/redirect port settings from a client inside the network to a gaming server that I cannot manipulate?

Here is the port info from the game as provided on their tech forum...

"In order for Shadowbane to function properly, the following ports need to be accessible for the IP addresses 216.98.58.20 & 216.98.58.65...
ports:
- 3360
- 5001
- 6000

If you do not have access to these ports, check with your internet service provider or your network administrator."

Any help at all here would be greatly appreciated.

[Tiger Shark]

First, there's ethereal.... Google it it comes straight up..... The filter you will use for the capture is as follows:-

net 216.98.58.20 && port 3360

3360 because it looks like the most unusual of the three. You might just want to try:-

net 216.98.58.0

if you think that the target net shouldn't get much traffic anyway.... if it shows traffic add the && port filter and rotate them till you get good hits. Ethereal will tell you who!

Second, there's Snort.

Set it's only rules to:-

alert tcp $HOME_NET any -> 216.98.58.20 3360 (msg: "Bad boy playing games"; flags: S; classtype: bad-unknown;)

Make six rules incorporating the port and the IP address combinations in each.

Snort can also kill the connection using flexresp. I don't use flexresp barely at all but if you want to kill the connection tell me and I'll write a rule for you.

NOTE: Both ethereal and Snort need to be able to see all the traffic going to the router so you might need to add a hub on the last hop to the router on a switched network.

Hope this helps

[nihil]

Errr.................

What makes you think anyone is doing this...............you do not seem to have much local control?

The network is 1 division of a government network

You post on this site..................then I neg your little ass off boy............you did not read the manual............you air government insecurities in public?............you have 48 hours to report what you know to your proper authorities, or I will do it to the ones I know.

Does 9/11 ring a bell in your tiny little brain?

You should be at least as competent as a 16 year old to ride a motorcycle?

EDIT:

I have given you positives to attrempt to protect you..............hey you should know better than what you posted?

[foxyloxley]

OK; I've tried to understand what's going on here, but I'm at a loss.
So; I'll just put down what I think I see, and you just let me know if I'm close ?

The initial question can be taken two ways:

1 - Lerm is Sys/Admin, and wants to stop users from playing with his system.
2 - Lerm is a user who wants to play online at work.

reply from TS, edited.

Original: read like he had posted to allow Lerm to access MMORPG.
Edited: now reads like he has set it to alert Lerm that someone is trying to reach MMORPG.

From nihil:

Allowing for the translation from nihilish:

He is P155ed that someone who works for the government would post an insecurity here, and not inform those above them of the problem.

But; he gives green to 'protect' as he is aware that others will see the post as 'troll fodder' and react accordingly. So, on the one hand he is telling Lerm off, yet at the same time he is giving Lerm a 2nd chance to redeem himself.

Lerms profile shows he is a mere child of 40, who IS sys/admin for government, whose interests are GAMING.

So; is this thread 'troll fodder', or is it a genuine attempt to learn how to make a system secure ?

For my 2c, Lerm: edit your post, add details of what EXACTLY you are after. bear in mind that as a newcomer to this site that people will NOT give out advice to 'bend' the rules, UNTIL you have proven to them that you have something to offer the site. And that you are going to stay around and share some of YOUR knowledge here.

In short: Don't ask dick questions until you have some posts under your belt, through which the membership can make up their mind about how they will respond to you.

Otherwise your membership stay will be short and not too sweet.

Oh yes, welcome to AO, and I hope you enjoy your time here as much as I do.

Jeez; now I've started to ramble out here as much as I do in cosmos. Time for a

[Tiger Shark]

What I want to know is this...
If the only firewall is at the router, and I don't have access to the router, is there anyway to detect/redirect port settings from a client inside the network to a gaming server that I cannot manipulate?

Nihil:

I think I answered his question admirably.... with emphasis on the "detect/redirect" part of the question..... Of course, I understand that the intent of the question might have been "malicious"..... I just answered it in the way it was couched.....

hey you should know better than what you posted

A government worker?????? You are shitting me.... aren't you.... Nihil..... Nihil.... Help.....

[Cybr1d]

Skill Set network administration, exploitive techniques, vulnerabilty testing
Work Experience State Government
Your Current Box P4 2.8 GHz, 1 Gig DDR Ram
Biography
Location Boston, MA
Interests Gaming
Occupation Senior Systems Analyst

Is this some kind of a joke? You'd think someone with the skillset in exploitive techniques and vulnerability testing, and network administrating would know better?

I seriously doubt this guy is who his profile says he is. Its probably just some freegin kid trying to get past the router at his school trying to play games at the computer lab or library.

:
:
:

WTF are you getting paid for? To play games and put the network at risk of outside intrusion? Stop your god damn screwing around and do your job. What company do you work for in Boston? Seriously, you should not be playing these games while at work. You can always ask the system admin to allow the ports used by the game open, if the admin doesn't see it as a security risk.

[Tiger Shark]

Cybrid:

Be nice... In big companies those analysts can get really bored....

[rcgreen]

If some user on your network (I presume you know who he is) is
playing games on his workstation, just uninstall it and tell him
to play at home.

Problem solved. If he reinstalls it, kick his ass.

[ZomBieMann77]

Ive seen that term exploitive techniques in somebody else's profile. I cant remember who. Some skiddie jackass that didnt last very long

[Lerm]

I found this site on Friday through a search engine. I dropped a question to see what the feedback would be. I never imagined such hostile responses would be "provoked"...

1. I am a Senior Systems Analyst for our agency's Helpdesk. Our small team provides network administration, software & application support (MS OfficePro & a proprietary Oracle database app with nearly 400 individual screens and a limited amount of hardware and network troubleshooting/support. (~80% of our calls are account or application related). The "skill sets" in my profile are the skills I'm working on developing/learning... I am a newbie here and in these areas... I hope I didn't insult anyone's sensibilities to much.

2. Re: the intension of the original question...

1 - Lerm is Sys/Admin, and wants to stop users from playing with his system.
2 - Lerm is a user who wants to play online at work.

The answer is BOTH!
I am trying to learn more about network security and do NOT want to open the network to potential threats. I was hoping to discover a way to allow a specific PC to makes the connections I posted WITHOUT opening a threat to the rest of the network.

Is it for gaming purposes @ work?... yes, it is. My supervisor is aware that the nature of our work often entails periods of "downtime" and he is also aware of and permits PC games on our individual machines. Yes, he's perhaps a rare person in that regard however, our employee retention and depth of our knowledge in our group is also rather extraordinary.

3. Undoubtedly, based on some of the responses, I've already received, some of you will feel compelled to flame me for reasons of your own. Some of you will simply believe that I'm lying. If this information is inappropriate to post on a public board but someone out there actually believes me and wishes to help me, then I would be happy to receive a PM re: this situation. I rather doubt that I'll be posting here again.