how to be undetected in LAN

[_G_]

it's possible to be "un-detected" in a LAN? i'm talking about a small lan (8 computers, 2 switches) , no special server, software....etc (only winxp, maybe sp1 or sp2)

I want, for example to listen an mp3, see a movie....., without beeing detected by programs like netwatcher(pro), in fact i don't want them to see me at all.

sorry for my bad english and for this lame question

[i2c]

dunno what os your on,

but in windows 2000 theres a way of alter the registry keys to make the computer work in stealth mode. Have a look on astalvista.com for a tutorial on it, its there somewhere

they'll be a way to do it in linux but i dunno how

i2c

[ttau]

Simple, remove the box from the workgroup, I use my companys lan but am not part of the workgroup and am not restricted by there rules.(with bosses permission of course).

[rjhaey]

I agree with that, because the only thing u want is the internet connection and not the workgroup and their policies.

Watch your thoughts, for they become words. Choose your words, for they become acions. Understand your actions, for they become habits. Study your habits, for they become your character. Develop your character, for it becomes your destiny...

[cgkanchi]

rjhaey, don't use large fonts. They're annoying. _G_, why exactly do you want to do this? It sounds to me as if you're trying to bypass your school's protection system, and this site isn't there to help you with stuff like that.
Cheers,
cgkanchi

[HTRegz]

I'd say if you just want to listen to mp3s and watch movies that the easiest thing to do is not plug your computer into the network. Last time I checked most movies players and mp3 players didn't require a network connection. However I'm thinking that cgkanchi is prolly on the right track with this one, I could see no valid reason for wanting to hide yourself from a network. If you are hiding yourself, it obviously isn't yours. This makes what.. the dozen lil kid who wants to be cool in the last 48 hours, perhaps we need to but in big letters across the main page "WE ARE NOT HERE TO HELP YOU BREAK THE RULES".. because they just aren't getting the idea.

Peace
HT

[wedjarl]

The fact that your avoiding to be detected by netwatcher means you would do something forbidden. mp3s? movies.............I guess a porn one.

[Modderfokker]

For whatever reason _G_ wants to hide himself, why isnt someone with the knowledge actually posting a way to do this? There must be legitimate reasons (none that i can think of right now) for someone to want this.

Perhaps a sysadmin wants to find out how his users try or do suceed in hiding his/her computer from the network?

[Cybr1d]

thats not what the question asked modder. G gave us the impression of being a little kid trying to break the rules, which is something we do not condone. If he asked, "I want to know how people are hiding themselves in my network" then we'd have a different story.

[slarty]

Assuming the router is not the same machine as any servers etc, you can set up a firewall rule which prohibits any traffic to / from other boxes on the LAN except for the router.

You also have to figure out a way of blocking broadcasts. This is tricky, esp. on Windows which likes to do a lot of broadcasts. Maybe your firewall can be used to block outgoing broadcasts.

ARP stealth is more difficult. Even with the above rules in place, it will still broadcast ARPs to find the router's MAC address.

The easiest way of getting around that is to hard-code the router's MAC address.

I am assuming of course, that you aren't using DHCP. That is obviously a sure way to be detected.

So, in summary:
- Don't use DHCP (obviously)
- Use firewall rules to block all IP traffic to/from all LAN boxes except for the router
- Create a static ARP entry for the router itself
- Shut down all services / applications which may create broadcast traffic
- Uninstall any protocols other than IP, as they may send broadcasts.

One of the risks of having a "stealth" machine however, is someone else taking over your IP unwittingly. As the admin will not be able to detect the box, the IP may be reallocated.

Unfortunately none of these measures will prevent the box being seen by the router - this is necessary.

Also, a clever admin will watch the router's own ARPs for your IP. They won't see the responses (on a switched LAN), but they will see these broadcasts. They are unavoidable.

And of course managed switched will be able to easily detect the box.

Slarty