Passwords - Page 6
Page 6 of 6 FirstFirst ... 456
Results 51 to 59 of 59

Thread: Passwords

  1. #51
    AO BOFH: Luser Abuser BModeratorFH gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    When all else fails; http://antionline.com/showthread.php?t=244039


    Classic oldies!
    Kill the lights, let the candles burn behind the pumpkins’ mischievous grins, and let the skeletons dance. For one thing is certain, The Misfits have returned and once again everyday is Halloween.The Misfits FreeBSD
    Cannibal Holocaust
    SuSE Linux
    Slackware Linux

  2. #52
    Junior Member
    Join Date
    Feb 2008
    Posts
    4
    Nihil, you just dropped some serious knowledge, I believe in the Queen's English you can say I got "served".

    Jokes aside, you bring up some good points, and here's some more info about my situation. I'm actually doing a paid clinical drug trial (hence the sn) that's taking place in an adjunct to a proper hospital. And while I'm sure that all the HIPAA still applies, they're not running a particularly tight ship. I'm fairly certain that the only reason the content filtering was installed was to keep all us sequestered guys from watching pron on the computers in the community room. I think that it was probably configured out-of-box by whoever installed the network and they're not spending much time monitoring the traffic for security threats.

    That being said, I'm fairly confident that if I manage a workaround on my personal lappy, no one will notice or care. And it gives me a fun little challenge

    So if you can think of a good ssh tunneling option that I can run on my older mac running 10.3, I'll start there.

    Oh, and the best cheezburger reference I've seen is a Shepard Fairley Barack Obama poster that has the tagline "Yes We Can Has".

  3. #53
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192
    And while I'm sure that all the HIPAA still applies, they're not running a particularly tight ship.
    1. It certainly does, along with the State regulations.
    2. How do you know?

    I'm fairly certain that the only reason the content filtering was installed was to keep all us sequestered guys from watching pron on the computers in the community room.
    I doubt that. It is more likely to be an across the board policy applied to certain areas of their infrastructure. That is, of course, based on my UK experiences.

    and they're not spending much time monitoring the traffic for security threats.
    A very dangerous and foolish assumption IMO. A bit like fitting security locks and leaving the door .open?

    That being said, I'm fairly confident that if I manage a workaround on my personal lappy, no one will notice or care
    Please see above.

    And it gives me a fun little challenge
    Unfortunately, people in positions of authority might not see it that way. In fact, I would go as far as to say that they certainly won't.

    So if you can think of a good ssh tunneling option that I can run on my older mac running 10.3
    Sorry, I don't do MACs but please see my comments below.

    I'll start there.
    And be finished shortly afterwards I would imagine

    You do appreciate that this content filter is only the tip of the security iceberg?............. an exceptional internet usage, port usage or internet traffic report does not take long to read. I would be very surprised if SSH traffic did not stand out like a sore thumb.

    Also, I guess you will really be "Mr. Popular" with the rest of the guys when you get internet privileges withdrawn completely?

    You are getting paid right?................. just look on it as part of your terms and conditions of employment. Hey if you get caught breaking rules you might not even get paid?...............read the small print first.

    The only thing I can suggest is that if you have a 56.6 dial-up modem in your MAC you just plug it into a regular phone socket, assuming that there is one available. That would not compromise the network security, and would ordinarily go undetected as anything different from a regular phonecall.

    EDIT:

    On the other hand, if you are right and they really don't care, then just ask them for the password. I guess that building is used for a variety of purposes, that might involve minors from time to time, so the site default is to have the filter on at all times.

    In other words it is a case of regulatory compliance regarding minors rather than a true security or HIPAA issue.
    Last edited by nihil; February 8th, 2008 at 01:45 PM.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  4. #54
    Senior Member
    Join Date
    Oct 2007
    Location
    do a whois search on my ip...
    Posts
    268
    nihil is right... Working your way around parental security measures is one thing, but tampering with government (hospital) networks is definitely not something you should try!

    It is possible that it is just a small network setup by the company employing you, or connecting to a larger network! Remember, admins love catching people on their networks =)

    stick to playing tetris on your phone! (closest thing your getting to java lol)

    get well soon!

  5. #55
    Junior Member
    Join Date
    Feb 2008
    Posts
    4
    Gentlemen, thanks for the input. Unfortunately I had a bad reaction to the trial drug and I'm posting this from BEYOND THE GRAVE.

    But seriously, you guys are right, and I'll leave the hackering to the pros. Fortunately, there are 4 different trials going on in here and there is a remarkable cross section of humanity to interact with (spinal taps and schizophrenia drugs are two of them). I just talked with a friend of mine who works in production and I think there is enough fodder here to write a script for a tv pilot, which is also a great way to pass the time.

    Thanks to you guys for helping me kill a few hours, I will treasure your witty replies forever.

  6. #56
    Junior Member
    Join Date
    Feb 2008
    Posts
    4
    Hey gang, I just realized a really easy workaround, especially if you only want to peruse a blocked site, like BoingBoing. Just search for the site on Google, then have Google provide you with the cached version. Even works for the naughty bits.

  7. #57
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192
    That is neat,

    I don't know your laws in any detail but I would say that they have met their legal obligations and you have not violated them.

    I guess that they could not have told you, even if they knew, because that would have compromised their position?

    Glad you found a solution. Now, regarding this clinical trial you are participating in? ........... I really don't know how to put this to you gently...............

    Those tentacles emerging from your nether regions?.............. well, they are not haemorrhoids........
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  8. #58
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    LOL!
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  9. #59
    Senior Member Cope57's Avatar
    Join Date
    Nov 2003
    Posts
    186
    This may or may not be useful to the original thread starter since he has not been on for a month now, but here goes.
    TOR you could try something like the Default Password List. One nice thing about the list is it is always updated. I just could not tell you how often though. They date the page when last updates were done, and most times it is less than two months old.

    It will only help if the passwords were never changed from the original configuration, but it is still a nice list to have bookmarked.
    Computers do not have problems, they have users.
    ~Cope57

Similar Threads

  1. Tips
    By XTC46 in forum Site Feedback/Questions/Suggestions
    Replies: 15
    Last Post: August 24th, 2005, 07:52 PM
  2. Intro to securing Free BSD Part 2
    By gore in forum The Security Tutorials Forum
    Replies: 14
    Last Post: May 25th, 2005, 04:01 AM
  3. Secure Passwords Tutorial
    By NeonWizard in forum The Security Tutorials Forum
    Replies: 5
    Last Post: August 13th, 2004, 06:54 PM
  4. Creating and Managing passwords
    By DeadAddict in forum The Security Tutorials Forum
    Replies: 3
    Last Post: November 23rd, 2003, 11:19 PM
  5. Passwords and Policys
    By instronics in forum The Security Tutorials Forum
    Replies: 3
    Last Post: January 23rd, 2003, 11:54 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides