February 8th, 2008, 07:18 AM
February 8th, 2008, 07:52 AM
Nihil, you just dropped some serious knowledge, I believe in the Queen's English you can say I got "served".
Jokes aside, you bring up some good points, and here's some more info about my situation. I'm actually doing a paid clinical drug trial (hence the sn) that's taking place in an adjunct to a proper hospital. And while I'm sure that all the HIPAA still applies, they're not running a particularly tight ship. I'm fairly certain that the only reason the content filtering was installed was to keep all us sequestered guys from watching pron on the computers in the community room. I think that it was probably configured out-of-box by whoever installed the network and they're not spending much time monitoring the traffic for security threats.
That being said, I'm fairly confident that if I manage a workaround on my personal lappy, no one will notice or care. And it gives me a fun little challenge
So if you can think of a good ssh tunneling option that I can run on my older mac running 10.3, I'll start there.
Oh, and the best cheezburger reference I've seen is a Shepard Fairley Barack Obama poster that has the tagline "Yes We Can Has".
February 8th, 2008, 01:29 PM
1. It certainly does, along with the State regulations.
And while I'm sure that all the HIPAA still applies, they're not running a particularly tight ship.
2. How do you know?
I doubt that. It is more likely to be an across the board policy applied to certain areas of their infrastructure. That is, of course, based on my UK experiences.
I'm fairly certain that the only reason the content filtering was installed was to keep all us sequestered guys from watching pron on the computers in the community room.
A very dangerous and foolish assumption IMO. A bit like fitting security locks and leaving the door .open?
and they're not spending much time monitoring the traffic for security threats.
Please see above.
That being said, I'm fairly confident that if I manage a workaround on my personal lappy, no one will notice or care
Unfortunately, people in positions of authority might not see it that way. In fact, I would go as far as to say that they certainly won't.
And it gives me a fun little challenge
Sorry, I don't do MACs but please see my comments below.
So if you can think of a good ssh tunneling option that I can run on my older mac running 10.3
And be finished shortly afterwards I would imagine
You do appreciate that this content filter is only the tip of the security iceberg?............. an exceptional internet usage, port usage or internet traffic report does not take long to read. I would be very surprised if SSH traffic did not stand out like a sore thumb.
Also, I guess you will really be "Mr. Popular" with the rest of the guys when you get internet privileges withdrawn completely?
You are getting paid right?................. just look on it as part of your terms and conditions of employment. Hey if you get caught breaking rules you might not even get paid?...............read the small print first.
The only thing I can suggest is that if you have a 56.6 dial-up modem in your MAC you just plug it into a regular phone socket, assuming that there is one available. That would not compromise the network security, and would ordinarily go undetected as anything different from a regular phonecall.
On the other hand, if you are right and they really don't care, then just ask them for the password. I guess that building is used for a variety of purposes, that might involve minors from time to time, so the site default is to have the filter on at all times.
In other words it is a case of regulatory compliance regarding minors rather than a true security or HIPAA issue.
Last edited by nihil; February 8th, 2008 at 02:45 PM.
February 8th, 2008, 09:48 PM
nihil is right... Working your way around parental security measures is one thing, but tampering with government (hospital) networks is definitely not something you should try!
It is possible that it is just a small network setup by the company employing you, or connecting to a larger network! Remember, admins love catching people on their networks =)
stick to playing tetris on your phone! (closest thing your getting to java lol)
get well soon!
February 9th, 2008, 06:48 AM
Gentlemen, thanks for the input. Unfortunately I had a bad reaction to the trial drug and I'm posting this from BEYOND THE GRAVE.
But seriously, you guys are right, and I'll leave the hackering to the pros. Fortunately, there are 4 different trials going on in here and there is a remarkable cross section of humanity to interact with (spinal taps and schizophrenia drugs are two of them). I just talked with a friend of mine who works in production and I think there is enough fodder here to write a script for a tv pilot, which is also a great way to pass the time.
Thanks to you guys for helping me kill a few hours, I will treasure your witty replies forever.
February 15th, 2008, 12:29 AM
Hey gang, I just realized a really easy workaround, especially if you only want to peruse a blocked site, like BoingBoing. Just search for the site on Google, then have Google provide you with the cached version. Even works for the naughty bits.
February 15th, 2008, 01:10 AM
That is neat,
I don't know your laws in any detail but I would say that they have met their legal obligations and you have not violated them.
I guess that they could not have told you, even if they knew, because that would have compromised their position?
Glad you found a solution. Now, regarding this clinical trial you are participating in? ........... I really don't know how to put this to you gently...............
Those tentacles emerging from your nether regions?.............. well, they are not haemorrhoids........
February 15th, 2008, 02:46 PM
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
February 16th, 2008, 06:23 PM
This may or may not be useful to the original thread starter since he has not been on for a month now, but here goes.
TOR you could try something like the Default Password List. One nice thing about the list is it is always updated. I just could not tell you how often though. They date the page when last updates were done, and most times it is less than two months old.
It will only help if the passwords were never changed from the original configuration, but it is still a nice list to have bookmarked.
Computers do not have problems, they have users.
By XTC46 in forum Site Feedback/Questions/Suggestions
Last Post: August 24th, 2005, 08:52 PM
By gore in forum The Security Tutorials Forum
Last Post: May 25th, 2005, 05:01 AM
By NeonWizard in forum The Security Tutorials Forum
Last Post: August 13th, 2004, 07:54 PM
By DeadAddict in forum The Security Tutorials Forum
Last Post: November 24th, 2003, 12:19 AM
By instronics in forum The Security Tutorials Forum
Last Post: January 23rd, 2003, 12:54 PM