Page 4 of 7 FirstFirst ... 23456 ... LastLast
Results 31 to 40 of 61

Thread: School Trouble

  1. #31

    Agreed.

    LOF. That sounds so familure; the whole, I help you, I get screwed over for doing something I shouldn't be doing. I too was looked at after a computer would die, it even got to the point where I got blamed for someones start menu being messed up, or icons rearranged on someones desktop. Like common, the movies out today, are making people thing hacking/cracking is just a guy at a computer w\ a 3d console ie: Hackers. That was the funniest movie I've possibly ever seen. Anyhow, the whole SubSeven thing will go around for a while. Try doing mass scans on 10.*.*.* for nodes listening on port 27374, or whichever port they set it up to listen on. Assuming they're not skilled "crackers", you can just research the raw commands which operate SubSeven, write a drone to log IP addresses and timestamp all commands issued.

    However, If you cannot catch them in the act, forensics would be leet0 to have. Setup all the infected computers to log keystrokes, the removal of the trojans would be stupid. You want them to feel safe, and secure -- as you go in for the kill. Additionally, constant monitoring of all the computers infected would be prime. They're obviously gonna be cool, and connect to them. Make sure you get screenshots of that stuf. The outcome of this can be funny.

  2. #32
    might i suggest you (i dont know if you're a programmer?) write some code to listen to whichever ports they're binding to, and, if they're doing this from within the premises, something like Beep(3700, 1000) might help you to discover who it is? I know this is a stupid solution, but if this way you could catch them immediately without having to pore over logs until you actually have some suspects.
    Hey there, chaps! Being mexican-american, I don\'t really think I have the racial background to say that...Oh well, visit our site at www.evilcorp.tk
    Don\'t expect any content...for a few weeks!

  3. #33
    Senior Member
    Join Date
    Dec 2002
    Posts
    127
    Well, I know who is doing it, and I see when they are doing it, but i want evidence showing that they are doing it.
    The only four things i need are food, water, a computer, and the internet.

  4. #34
    Member
    Join Date
    Oct 2002
    Posts
    37
    Is this just computers in a classroom or an open lab?

    If your on classroom computers, you could try talking to your teacher to see if you can implement a "security system" on the computers. You may wanna check into just using the registry for security. I know it sounds stupid, but it can detour anyone who doesn't actually know what they are doing.

    Clean the server off the computers.
    Go to town on the registry.

    You can disable almost anything you want in the registry so they can't put the server back on it. If internet isn't needed, disable it. Disable any feature that you can possible get away with. As long as it isn't needed for any of the classes that are in that room you should be fine.

    Some things that come to mind is disabling the run command, hiding the c drive, make it to where the only thing on the harddrive that they see is a "user folder" with shortcuts to the programs they need.

    Had a friend who did this while we were in high school and it worked really well. I know of a couple of ways around it, but for the most part it should work.

    www.regedit.com <---should be able to search the site for anything you can think of.
    The only limit a person has, is the limit they give themselves.
    Cogito ergo sum. - Descartes

  5. #35
    Senior Member VicE$DoS$'s Avatar
    Join Date
    Nov 2002
    Posts
    209
    Seen as time and skills seem to be in short supply on this one you have two options:

    OPTION 1
    Download a 30 day trial of RealSecure and System Scanner from www.iss.net that’ll give you evidence of any trojan / installation attempts
    And also times IP addresses and recognised ‘grey list’ software (sub7, backorifice etc).

    OPTION 2
    Go Postal on them Madseel!! Kick there teeth out cut their fingers off and batter the hell out of them, or feed a live supply to the PC chasis and watch them fry!

    Hope this helps. No Neg AP’s please its Friday. Im allowed to be a bit mad.

    V$DS
    I remember when Nihil was ickle. Does that mean I'm old?

  6. #36
    Senior Member VicE$DoS$'s Avatar
    Join Date
    Nov 2002
    Posts
    209
    Seen as time and skills seem to be in short supply on this one you have two options:

    OPTION 1
    Download a 30 day trial of RealSecure and System Scanner from www.iss.net that’ll give you evidence of any trojan / installation attempts
    And also times IP addresses and recognised ‘grey list’ software (sub7, backorifice etc).

    OPTION 2
    Go Postal on them Madseel!! Kick there teeth out cut their fingers off and batter the hell out of them, or feed a live supply to the PC chasis and watch them fry!

    Hope this helps. No Neg AP’s please its Friday. Im allowed to be a bit mad.

    V$DS
    I remember when Nihil was ickle. Does that mean I'm old?

  7. #37
    Senior Member
    Join Date
    Jul 2001
    Posts
    281
    Another idea is assign static IP's to the PC's that are problem causing and make students sign a piece of paper on what PC they are going to use. You would need a teacher to keep track of this, or make them login to the PC's. Then you can gather the evidence of who's launching sub7 and catch them.

    You have barely any security there that is your problem. At my school we were all issued ID's and when we either had an assigned PC, or in the library you had to sign a piece of paper on what PC you were using, show your student ID, then they gave you the password for that PC. They were pretty strict, but we didn't have these kind of problems.

    We also had a deep freeze variant on our PC's so when they reset there went anything you installed.
    You\'re either a 0 or a 1, alive or dead

  8. #38
    Senior Member
    Join Date
    Jul 2001
    Posts
    281
    Another idea is assign static IP's to the PC's that are problem causing and make students sign a piece of paper on what PC they are going to use. You would need a teacher to keep track of this, or make them login to the PC's. Then you can gather the evidence of who's launching sub7 and catch them.

    You have barely any security there that is your problem. At my school we were all issued ID's and when we either had an assigned PC, or in the library you had to sign a piece of paper on what PC you were using, show your student ID, then they gave you the password for that PC. They were pretty strict, but we didn't have these kind of problems.

    We also had a deep freeze variant on our PC's so when they reset there went anything you installed.
    You\'re either a 0 or a 1, alive or dead

  9. #39
    My school uses programs that tell anyone who requests, who was on the computer at what time, and everything that they opened, installed, and used, ill try to find out what programs they use

  10. #40
    My school uses programs that tell anyone who requests, who was on the computer at what time, and everything that they opened, installed, and used, ill try to find out what programs they use

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •