University LAN, I dont want to log in!

(This post serves in three ways: a short story, some interesting info and finally a quick question)

Right now I'm currently attending college and it seems like I’m the only student(even among CIS students) who has Linux running on his laptop or even desktop for that matter. So the problem lies in the schools newly developed Active Directory Domain this yr. From what I learned, there is no AD4UNIX implemented on the AD(since Linux is rare around here) so it is not possible to use resources on the domain from my Linux laptop. (or so I think? any more info/links about this?)

Every computer owned by the school along with student computers that are brought in, need to be logged into the domain, via a student username and password(Yes, SSN's mostly), in order to access the Internet, print, etc.

(The last 2 paragraphs were for background information, the real problem/my question is below)

On top of this, as a security feature, before any student can access the Internet, they are forwarded to a Univ. run webpage where you sign in w/ your account credentials. This boils down to assigning your computer with the appropriate network information, IP, DNS, GW, etc, upon successful login. Well I dont want to log in.

Before I continue, I found out that this isn't used to log and track students, it is just to insure that the public can not use(steal) the University's internet. Well thankfully, I'm a student. (Outside of this, if you make them mad, they will ban your MAC. Good thing I have "macchanger")

Well I want to learn something, so I found out you can bypass this weblogon in two ways. Steal an existing computers network info, specifically the computers MAC address(though knocking that computer offline) or just assigning yourself w/ the appropriate DNS, valid IP and gateway.

However oddly enough, every 15 minutes the DHCP server kicks me off of the network and gives me a garbage IP. An IP that does nothing but lead me back to the Sign in Webpage that I mentioned above. (But thankfully i just rerun my script to get me back onto the appropriate network w/o having to log into the annoying Web Login)

But since I have static network information that I assigned myself, who needs this pesky DHCP server anyway. So I used iptables to block all traffic going to or from ports 67 and 68 in hope of staying on the network a little longer. But no dice!

It seems, from ethereal logs(which I can post if anyone wants to see them), that my computer initiates the dhcp request for a new IP. How can this be? Why the short lease time from the DHCP, if that’s the case? Can i change this?(dhcp.leases maybe, haven't looked into it yet) And I'm positive my iptable entries were correct, why can't they stop the traffic? I know these questions are vague, but I'll try to be as helpful for any future questions.

As with the AD problem, thats another story/issue.

Cheers

Fusion

P.S.
I hope you have noticed, I have clear/white/curious intentions. Please don’t start flaming me. In order to learn you have to cross the boundary every once in a while.

Quote:

---

Outside of this, if you make them mad, they will ban your MAC. Good thing I have "macchanger"

---

So why the worry about logging in. Assign yourself a fake MAC, (not one stolen from the network), priot to logging in. If you peeve the admins and they block your MAC change it to a different one..... I don't see the point of jumping through any other hoops.

Very true TigerShark

But I'm trying to jump through more hoops, just for the sake of learning something. This might make me reckless or stupid, but what else am I going to do between classes.

I'll keep your comment in mind, because I do log in occasionally w/o trying to mess with everything. And spoofing my MAC couldn't hurt. (While keeping in mind, I AM trying to stay out of trouble here, not do anything stupid)

Thanks for the quick reply.

Fusion

Silly question.....

If you fake a "legal" MAC, login, do ifconfig and set the information as fixed rather than DHCPed does it still fail out every 15 minutes?

hmmm....

I'll get back to you on that one, good idea.

just don't run dhclient...
kill it if it's running and remove it from your hostname.if (or where ever it's assigned in linux).

and FYI, the reason dhclient still works even with your IPtables is that dhclient uses BPF (Berkeley Packet Filters) to communicate, thus bypassing network filters...


Ammo

Hey Hey,

Even if there's no AD4Unix implementation have you tried joining your computer to the domain using samba? It supports joining the Domain... and does work...

Anyways.. I'm too lazy to type out an explanation (in case you have tried it)... if you haven't let me know and I'll give you more details.


Peace,
HT

Hello fusion!
Firstly i will be not of much use to you here, but i want to know from where did u get "MACCHANGER", as even i want one for myself, and how do we use it.

Thanks
Harbir

There are freeware like smac which you can download from internet.
Or go to network neigh. and try with windows 2000 you can assign a mac value yourself, you dont need a tool.

I appreciate everyone’s quick responses. I was expecting to get flamed for my post and I’m glad I didn't.

To ammo, great idea. I had no idea and never heard of BPF. I'll be sure to try shutting down dhclient next time.


HTRegz: Ive used samba plenty of times before, but I'm not aware on how to connect to a Domain with it. I'm sure it can be too hard, and I'm going to try to look more into it. However if you have any helpful advice on the topic or links, let me know. Help would be appreciated.


Thanks and Cheers

Fusion