how can hide to a firewall?

[ruffasdagut]

Hey all,

Well on this topic I was woundering if there is existing material on how to block Kazaa or if anyone has some tips...I have a win2k environment and I am sick and tired of fighting the battle and ending up the nice guy. Up until now I tried to deal with things on a case by case level, but it keeps getting worse. We can sit here and debate what is stealing and all that but I feel that the workplace isnt the place to have to deal with that. So sorry for the ramble...just tired of reading the sameold stuff...but if anyone has some good info I would love any help I can get. I will put basic technical info below.

Ruffasdagut

win2k server runs all the services. A linksys Router just connects to the DSL.

[nihil]

Hi,

I hope that I am not being misunderstood here. I have no objections to enthusiasm or the desire to learn; but I would suggest that there is a time and a place for everything. If I join an organisation, I do not think that it would be wise to learn about systems security by trying to hack into that organisation's systems? or break through its firewall, unless I am security officer/auditor. If I do this sort of thing, I will be detected and dismissed...............my concern is for new and enthusiastic people who will be misunderstood, without someone like myself to speak for them at their "court martial" I do not like to see genuine and basically innocent people get hurt, because they do not understand the rules.

ascii is a perfectly OK person in my opinion.......he said thank you..........AND EVEN SENT ME POSITIVE ANTIPOINTS!!!......... so I guess that my assumptions were close to the target? I believe that a part of AO is to advise those with enthusiasm, and keep them out of trouble. These young people will be the Sysadmins of the future; if they don't ruin their chance by a moments foolishness?

Yes I do care about people, because people have cared about me in the past! I shall " do unto others, as they have done unto me" and whilst I am on the Bible......

"There is more joy in heaven over one sinner who repents, than over 99 just men who follow the way of the law"

If we can turn out one person with a "white hat" rather than a "black hat" then I think that we have done well?

OK.............preacher mode off

I liked the comment about testing in a controlled environment using a laboratory machine. Over here you can get old P2 and P3 machines very cheaply, and should have one. Yes, the "hacktest" website is a brilliant way to learn........very good advice there! The point that I was trying to make is do not do this at your workplace, as you will most likely be misunderstood.

It was a very good post that mentioned the RIAA, and the institutional legal liability aspect. Particularly as we were talking abut KAZAA. Over here you are responsible for your "officers and agents".....that includes employees.............I suspect that a lot of these controls (in Europe at least) might be to satisfy the requirements for the corporate liability insurance policy?

As for "assumptions" well it may be a fine line, but there is a difference between an assumption, and an"educated guess" ????????????? Hey, isn't most fault finding based on educated guesses?

I was happy to see that people did not go after ascii and give him negative points That was the right way to go IMHO I think he did well by raising what has turned out to be an interesting thread?

Cheers

Boring nihil.......................gotta change my monniker?

[thehorse13]

It sounds to me that there are some very knowledgeable and seasoned sysadms reading this thread. Truth is, you didnt get this far by leaping to conclusions - why start now?

Seasoned admins have the ability to anticipate accurately with minimal knowledge. This develops with experience. It is apparent to me and other admins that this post is most likely an attempt to get around a firewall that is not controlled by this user. I can't speak for others but I will continue to make educated assumptions because 90% of the time I can stop a problem before it starts.

[Tedob1]

just to validate what TH13 is saying, here a later post from ascii:

+=+=+=+=+=+=+=+=+
when i browse on the internet about hacking, sex, gamble, proxy avoidance and etc., websense corporation filtered some sites. therefore i could not browse to this sites, how could i use http-tunneling? i dont have any ideas about our firewall...
+=+=+=+=+=+=+=+=+

which can be found here:

http://www.antionline.com/showthread...364#post660908

i totally understand where ascii is coming from. when i was in school the first thing i wanted to do was override restrictions. Its good that he sees the admins point of view...maybe he will actually think about what hes doing. As an admin now i know these things are done and not necessarly with evil intentions. i know what to look for and i keep watching here and other sites for new ways that its being done. which is what we all should be doing. So helpfull answers to these questions are appreciated

hes been told how to get around the fw (depending on the fw) and warned of the consequences of doing so. His future is in his hands and new admins reading this will now know what to look for in their own networks. that is the point of this site...no?

i guess what im trying to say is there isn't (IMHO) a conflict of interests in giving helpful answers to anti-security questions as long as the consequences of misuse are made known.