Re: My school fails at computer security...

Posted: Sun May 23, 2010 4:29 pm UTC
by BobTheElder
hintss wrote:
Cynical Idealist wrote:
gear-guy wrote:
Cynical Idealist wrote:
hintss wrote:can someone help me to get back on the school's computers?

see my previous post

I've devised a five-step plan that should work for you.
Spoiler:
1: stop being an idiot and dicking around with the school's computers.
2: Convince the admins that you will use the computers normally
3: Wait for them to allow you back on the school's computers.
4: Remember to not fuck with the computers anymore
5: While you're at it, remember not to play games on the school computers either.

That is the stupidest thing I've heard ever, because if you actually READ his post, it says that he didn't do anything.

Right, I'll go through this point by point then.
1: This is based on past experience with hintss, not any specific post in this thread
2: Common fucking sense, here. They're the ones who can unban him, they're the ones he needs to convince.
3: See point 2.
4: See point 1.
5: See the post in this thread where he was going to websites blocked for games and passing the filter.

Also, if that's the stupidest thing you've ever heard, welcome to the internet. Let me show you what real stupidity looks like.

But then, I'm also the one who reported that the password was password and that you could get to Facebook. If it weren't for me, they wouldn't have known. Also, it is all on a Netware based network, so logging in to a workstation is logged.

You know what, now, I'm just working with my friend who I mentioned in the original post to create a complicated, dramatic looking revenge plan. He knows lockpicking, VBScript, C++, and all that, and I know where all the equipment is located in the school, in addition to how the management works, and general computer knowledge. In particular, I know that the ethernet lines, roof access, and fiber lines all lead to an unused classroom on the lower floor. Which has no security besides locks. And has double doors to the outside. And is filled with working, unused equipment. While the school is complaining about budget cuts. So anyways, by picking 2 locks, I could get access to the ethernet, and by picking another, I get roof access.

also, how much will this keep me from getting into my high school's robotics team in maybe 3 years (if I don't follow through with abovementioned plan)?


lol.... you're going to get arrested.

Re: My school fails at computer security...

Posted: Mon May 24, 2010 4:04 am UTC
by hintss
it is:

Code:

@echo off
Z:\LOGOUT.exe


Z:\ is a network share of mostly utility programs required by the client software, and of installers when the sysadmins need to use them. Additionally, the volume name is vol1. I found Z:\LOGOUT.exe when my other batch file for logging out,

Code:

@echo off
shutdown -l


just stopped working all of a sudden. That's when I tried Z:\LOGOUT.exe. As I later found, it makes the server think that that particular user logged out, while still allowing the user to use the workstation. Apparently, since the server thinks the user is logged out, it removes access of the network shares from that computer.

The reason I think that it is harmless on the multi-user systems is that, since it is run whenever someone logs out, it can't affect the other users. Also, NComputing is supposed to isolate the individual users, however, all network data is through the same NIC. Specifically, it was a computer with a single NComputing X550 series card.

Re: My school fails at computer security...

Posted: Mon May 24, 2010 5:07 am UTC
by Eseell
I should point out that there are serious legal implications for organizations that cannot or do not keep accurate network usage logs. For at least this reason, your use of that logout script is not harmless at all, though it may seem so at first blush.

Re: My school fails at computer security...

Posted: Mon May 24, 2010 5:13 am UTC
by hintss
but then, one sysadmin misrepresented relevant information to the other, and we could sue NComputing for false advertising.

Re: My school fails at computer security...

Posted: Mon May 24, 2010 5:24 am UTC
by Dason
So I guess I'm wondering... why are you using your custom script in the first place? Why don't you just log out like everybody else does? Am I missing something here?

Re: My school fails at computer security...

Posted: Mon May 24, 2010 5:31 am UTC
by hintss
I'm the person who was known for messing around with the computers, and I actually had one computer in the school where I was pretty much the only person who used it. But, I prefer logging out by using a batch file, and so, I had a logout one, which worked when the normal one didn't, and it stopped working for some reason. So, I tried having it run Z:\LOGOUT.exe, which only made the server think you logged out. Then, apparently, I ran it on one of the computers used by more students.

Re: My school fails at computer security...

Posted: Mon May 24, 2010 3:44 pm UTC
by MysteryBall
The usual here, fairly secure, no defaults, wifi has MAC access list and WPA2 (only the school netbooks allowed, great one spending £30k on a Cisco wireless system, eh?), no bat, cmd, etc.

Of course, there is the slight thing that those Netbooks are running Ubuntu, so I just had to hop into recovery mode and enable root to retrieve the stored WPA2 key. Then I just ran ifconfig on a few of them to get a nice list of MAC addresses I can use to connect to the wifi.

They need never know, I'll be coming back to do some odd things helping out at a club and stuff, so I'd rather like to be able to sit there with my shiny new laptop on their expensive wireless solution.

The net admin knows me very well, I do a lot of work for them, he knows damn well deep down that I'm probably a major threat to his entire network. Fun times.

Oh, and the filter is set via IE proxy settings, so when Firefox was installed briefly we had unfiltered internet access, and plugging another device in via the wired sockets sitting around (or using the above hackery to hop on the wifi) will also give unfiltered access.

Good, eh?

Re: My school fails at computer security...

Posted: Mon May 24, 2010 4:57 pm UTC
by Eseell
They spent that much on a Cisco wireless solution and didn't implement any kind of certificate-based EAP? What a waste; MAC address filtering is incredibly easy to work around even without physical access to an authorized computer. MAC address filtering isn't even considered a best practice for wireless design anymore.

Re: My school fails at computer security...

Posted: Mon May 24, 2010 5:39 pm UTC
by MysteryBall
Eseell wrote:They spent that much on a Cisco wireless solution and didn't implement any kind of certificate-based EAP? What a waste; MAC address filtering is incredibly easy to work around even without physical access to an authorized computer. MAC address filtering isn't even considered a best practice for wireless design anymore.


Yes, well, in a secondary school where they don't think that the students would do anything extremely technical, and the only students that would (me, my technician team [yes we are that, or were till the new year 10 folk took over our duties]) are on their side (so they think...) they generally don't worry about complicated solutions like that. If we put our heads together and had a bit of time, we'd probably be sitting with Remote Desktop open to an admin console on the domain controller, oh that would be fun.

They should hire folk like us, the people who think like students because they are students, to hack into their networks. Best way to protect it, really.

Re: My school fails at computer security...

Posted: Mon May 24, 2010 11:56 pm UTC
by BobTheElder
hintss wrote:I'm the person who was known for messing around with the computers, and I actually had one computer in the school where I was pretty much the only person who used it. But, I prefer logging out by using a batch file, and so, I had a logout one, which worked when the normal one didn't, and it stopped working for some reason. So, I tried having it run Z:\LOGOUT.exe, which only made the server think you logged out. Then, apparently, I ran it on one of the computers used by more students.


Just seen a number of your posts in a couple of threads, and I'm trying to decide if you're trolling or being an arsehole :s

Re: My school fails at computer security...

Posted: Wed Jun 02, 2010 10:54 am UTC
by hairbuns
Well, at my school

-BIOS is unlocked
-students can install programs
-students can make shortcuts
-can't make/run .bat's, but can use CMD
-students can mess around with every PC and the server on the network, and run the CSS scripts.
-can send netsends to the admin. Which got me in trouble when I spoofed him with a fake error message by accident.

I got in trouble for reporting these faults after having some lulz installing CIV1 to play in secretary class and having a look at how the server worked, and making a shortcut to firefox, which had been installed by the PC builders. I most likely could've run some Linux boot disks for some serious lulz, but that would've gotten me suspended. Now I'm out of secretary class and doing computing for retards, so I can do some decent certificates by correspondence.

Re: My school fails at computer security...

Posted: Wed Jun 02, 2010 8:56 pm UTC
by MysteryBall
hairbuns wrote:Well, at my school

-BIOS is unlocked
-students can install programs
-students can make shortcuts
-can't make/run .bat's, but can use CMD
-students can mess around with every PC and the server on the network, and run the CSS scripts.
-can send netsends to the admin. Which got me in trouble when I spoofed him with a fake error message by accident.

I got in trouble for reporting these faults after having some lulz installing CIV1 to play in secretary class and having a look at how the server worked, and making a shortcut to firefox, which had been installed by the PC builders. I most likely could've run some Linux boot disks for some serious lulz, but that would've gotten me suspended. Now I'm out of secretary class and doing computing for retards, so I can do some decent certificates by correspondence.


Your school has issues, are they looking for a new netadmin yet? I'm only just leaving school but I could sure as hell do a better job than your current lot, by the sounds of it. :<

Don't you just love it when the guys that know nothing get the jobs you'd kill for because they have 'more experience' and are 'older' than you? ;_;

Re: My school fails at computer security...

Posted: Wed Jun 02, 2010 11:00 pm UTC
by hintss
yeah, it's so annoying when that happens...

Re: My school fails at computer security...

Posted: Fri Jun 04, 2010 1:55 pm UTC
by JohnLeFou
My school's security was pretty lax. I was by no means a great hacker. I loved crashing the typing class' server when I didn't feel like working though. My Jr. year I was poking around the network browsing other students account files (pretty much nothing interesting ever), when I got a message from win chat. I thought I was in big trouble. It turns out it was the school's new Math teacher wanting to scare me a little bit. He didn't report me, he sort of admitted to me that he likes to poke around too. By my Senior year things were locked down. I think he decided to throw some tips to the IT department.

Re: My school fails at computer security...

Posted: Sat Jun 05, 2010 2:36 pm UTC
by Woopate
Ahh, insecure school networks. How I love thee. My circle of companions had run of the network for so long, and whatever teacher they put in charge of computer for any given year was ultimately ineffective at punting us off, that they pretty much got us to run it for extra credit. Then I moved schools.

But at the new school, somebody had managed to sneak a copy of Quake 2 onto a ghost disc or somesuch, so that every time a computer was reverted to the default, there was a version of quake 2 primed and ready to go. It was there for a whole year.

Re: My school fails at computer security...

Posted: Thu Jun 10, 2010 10:14 pm UTC
by bobjoesmith
almost same...

there's a copy of halo on the network drive...
at any given point there's like 8 ppl in the media center

Re: My school fails at computer security...

Posted: Thu Jun 10, 2010 11:19 pm UTC
by hintss
my estimate toward the middle of the year: I spend 2 hours out of six at school in the media center. assuming no classes went there for research, etc...

and someone put powder toy in student share. I'm feeling angry enough that I won't report it.

Re: My school fails at computer security...

Posted: Sat Jun 12, 2010 12:01 pm UTC
by ManyPopes
Our school uses RM Tutor 4, which practically blocks everything and doesn't let you do anything. I'd say the school computers can't really be counted as computers any more... Luckily it's never heard of java file manager which lets you copy over pre-installed programs from a pen-drive.

Re: My school fails at computer security...

Posted: Sun Jun 13, 2010 7:50 am UTC
by hintss
ManyPopes wrote:Our school uses RM Tutor 4, which practically blocks everything and doesn't let you do anything. I'd say the school computers can't really be counted as computers any more... Luckily it's never heard of java file manager which lets you copy over pre-installed programs from a pen-drive.


spreadsheet ninja?

http://www.spreadsheetninja.com/the-games/

Re: My school fails at computer security...

Posted: Sun Jun 13, 2010 10:23 am UTC
by MysteryBall
ManyPopes wrote:Our school uses RM Tutor 4, which practically blocks everything and doesn't let you do anything. I'd say the school computers can't really be counted as computers any more... Luckily it's never heard of java file manager which lets you copy over pre-installed programs from a pen-drive.


RM Tutor 4 is a real-time management thing though, it's not a day to day thing?

Are you sure you're not mistaken for Community Connect 4? I have RMT3 sitting around somewhere and it's pretty much useless as a utility, I hear the CDs make good coasters though (I torrented mine, so beats me).

At least you can run programs, though. We can't run anything. :<

Re: My school fails at computer security...

Posted: Sun Jun 13, 2010 8:01 pm UTC
by satinyou
My school has fairly lax security as there are lots of proxy websites that are unblocked and every one knows the wifi password as soon as they change it.

Re: My school fails at computer security...

Posted: Sun Jun 13, 2010 8:06 pm UTC
by hintss
last year someone put up powder toy, and it's still spreading/being run.

also, armagetron was never deleted...

Re: My school fails at computer security...

Posted: Mon Jul 12, 2010 5:42 am UTC
by trumpet
This isn't exactly computer security related, but is a fun trick.

Me and my friends would print screen the desktop, and then set the image as the desktop background. Then we would delete every shortcut, and drag the taskbar down off the screen. Hilarity ensues when students and teachers alike try to find what's wrong with the computer.

Re: My school fails at computer security...

Posted: Thu Jul 15, 2010 9:29 am UTC
by hintss
next year, I'm checking the contracts for loopholes. last year, they were dumb enough to tell us to keep the signed contracts. then, we could "lose" them, and claim we weren't aware of the rules/restrictions...

Re: My school fails at computer security...

Posted: Fri Jul 16, 2010 4:04 pm UTC
by Dason
hintss wrote:next year, I'm checking the contracts for loopholes. last year, they were dumb enough to tell us to keep the signed contracts. then, we could "lose" them, and claim we weren't aware of the rules/restrictions...

Huh. Doesn't sound like the best idea on their part but it also sounds like a dick move on your part.

Re: My school fails at computer security...

Posted: Sat Jul 17, 2010 6:24 am UTC
by kc7cv9n3o30vov
At my school my friend plugged his iPod into a computer to charge it...
The NSA had a little problem with that.

Re: My school fails at computer security...

Posted: Sat Jul 17, 2010 9:34 pm UTC
by Internetmeme
Just remembered: In my Human Geography class, I was that kid that would be on the computer playing flash games (winning a game on the second try that nobody else could. That one game where you're a fish that grows and etc. It was rather easy, and I can't see how they lost after a dozen tries) when class started and ended. Bloons Tower Defense 3 was my favorite.

Then I got into I Wanna Be The Guy, and decided to try to run it at school. IWBTG.exe didn't work. So I did the age old trick of changing it to iexplore.exe. It worked in that class, but when I tried to do the same in my Flash CS3 class, it didn't work.

EDIT:
Oh and hintss? Enjoy the fun you've had in middle school. Trust me, they won't put up with any black-hatting in high school. White-hatting will be tolerated.

Re: My school fails at computer security...

Posted: Sat Jul 17, 2010 11:46 pm UTC
by hintss
oh, so I put up with trying to white-hat for a year for no reason?

they let me write the logout script when the old one they let me write stopped working. I told both of them 2 weeks ahead of time that I was going to change it, they both acknowledged, and said OK. oh, and I had the batch file on the computers since the beginning of the school year. the reason I even had a logout script is that when the normal logout methods don't work, the script usually does.

oh and more fails: booting a livecd is easy, you can get command line on the server, they somehow bodged the school homepage AND SAVED IT TO THE SERVER and guess what? they use dreamweaver. oh, and the site has a few hundred broken links, there are a bunch of mislabelled links, there's an HTML error on the home page, and they have old versions from the last 3 years. poor orphaned group of pages.

I think I want to be grey-hat from now on...
besides, that's how I got out of a permaban and suspension in the 7th grade, I was helpful enough, it was only a 1-month ban.

Re: My school fails at computer security...

Posted: Mon Jul 19, 2010 7:01 pm UTC
by MysteryBall
hintss wrote:they use dreamweaver.


Kudos to them for knowing how to use Dreamweaver, and for also having the sense to do so.

Re: My school fails at computer security...

Posted: Tue Jul 20, 2010 1:53 am UTC
by hintss
yeah, but if I remember right, it's a WYSIWYG HTML editor. the fact that they didn't check the preview before sending it out to the server...

oh, and once, I took my netbook out. within 5 minutes, I counted 7 people asking "Is that a laptop?!" and 3 people smacking the keyboard as I'm logging in to ubuntu.

Re: My school fails at computer security...

Posted: Wed Jul 21, 2010 6:07 am UTC
by WillShowalter
I'm still trying to put together how exactly my school's network security works.

The entire school district is running on Novell, and all the web traffic goes through a hardware proxy called an "iBoss" (made by phantom technologies) at the district site. All outbound traffic except the proxied web traffic is blocked.
Your computer has to be logged in and authenticated through Novell before your traffic is accepted by the proxy server. From what I could gather from the iBoss product documentation, the device lets you authenticate users through a LDAP tie in, so I think they are tying to the Novell eDirectory database with the iBoss device.

The network topology in my district is such that each school is on its own subnet (my school is on the 10.73.1.0/20 subnet) and each school has a router that connects to the district over a dedicated leased line WAN link. District networking appliances are on the 10.99.XX.XX subnet (I don't remember what the mask was). This includes the iBoss device, DHCP and DNS servers, as well as the main Novell servers that you authenticate to (I think).

The part that confuses me is that, once you're authenticated, it is your MAC address that differentiates your traffic as being authenticated for the web proxy. A couple of my close friends who are also very computer proficient discovered this while I was suspended last semester. They could effectively hijack an authenticated connection to the internet, through the proxy, by spoofing their mac address to that of another computer that is already logged in. This technique was most reliable when used against a wireless client (as having two computers trying to use the same mac address creates conflicts, and if done over a switched network you basically just kick both hosts off the network).

So we determined that it is white listing authenticated MAC addresses to allow traffic through the web proxy. This makes sense since one of the things the iBoss's LDAP tie in can do is import a list of authenticated computers (specifically, their MAC addresses, hostnames don't matter) from the LDAP database.

By talking with one of the district networking guys I was able to find out that it also uses MAC addresses for the rest of the firewall rules (allowing outbound connections to ports other than 80, NOT going through the web proxy service, possibly going through the same hardware though, I'm not sure)

This leaves me wondering how they're discerning the MAC address of the traffic once it hits the district level. MAC addresses are used to route on your local network, and the frame's destination and source MACs change every time you change networks. There must be some equipment on the network that is adding the MAC address information to the packet before sending the frame over the WAN link. (It's not done client side because I can spoof the mac address on a linux netbook and be able to get internet access through the proxy).

I'm going to look into it more this upcoming year, doing some packet capture and traffic analyzing. I hope to know their network better than their "Networking Specialists" by the end of this upcoming year (my senior year).

They also finally switched their wireless network from WEP to WPA this last semester. They still don't seem to grasp the concept that we can easily extract the key from the registry though. It might not be the actual passphrase and only the hex key that WPA turns your passphrase into, but it still works. They have all the equipment in place that they could be using EAP, I don't get why they insist on always doing everything just a little bit wrong. =/

Update: I think ICMP echo requests (pings) worked from unauthenticated clients, but all traffic that actually ran on ports was explicitly denied.
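
A defender's view of the MAC-based authentication described in the post above, as an added example that is not part of the original thread: when the proxy trusts a MAC address, the same MAC being active on two access ports within a short window is worth an alert. The observation format, switch and port names, and every sample row are constructed for illustration.

```python
"""Flag MAC addresses seen at more than one network location within a short window.

Assumption: observations are lines of "ISO-time switch port MAC", such as could be
built from switch MAC-table polls or DHCP/ARP logs. The format and all sample
values are constructed for this example.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample observations.
SAMPLE_OBSERVATIONS = """\
2010-07-21T09:00:05 lab-sw1 Gi0/4 00:16:3E:AA:00:01
2010-07-21T09:00:07 lab-sw1 Gi0/5 00:16:3e:aa:00:02
2010-07-21T09:01:10 lib-ap2 wlan0 00-16-3E-AA-00-01
2010-07-21T09:01:40 lab-sw1 Gi0/4 00:16:3e:aa:00:01
2010-07-21T13:30:00 lab-sw1 Gi0/9 00:16:3e:aa:00:02
"""


def normalize_mac(raw):
    """Accept colon, dash or dotted notation and return aa:bb:cc:dd:ee:ff."""
    digits = raw.lower().replace(":", "").replace("-", "").replace(".", "")
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a MAC address: {raw!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def parse_observations(text):
    """Return a list of (datetime, 'switch/port', normalized MAC) tuples."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        stamp, switch, port, mac = line.split()
        rows.append((datetime.fromisoformat(stamp), f"{switch}/{port}", normalize_mac(mac)))
    return rows


def find_mac_conflicts(rows, window=timedelta(minutes=5)):
    """Map each MAC to the locations it alternated between within `window`.

    A laptop that moves rooms shows up at a new location once, long after it
    left the old one. Two hosts sharing one MAC show up at different locations
    seconds or minutes apart, which is what this reports.
    """
    by_mac = defaultdict(list)
    for when, location, mac in rows:
        by_mac[mac].append((when, location))

    conflicts = {}
    for mac, sightings in by_mac.items():
        sightings.sort()
        for (t1, loc1), (t2, loc2) in zip(sightings, sightings[1:]):
            if loc1 != loc2 and t2 - t1 <= window:
                conflicts.setdefault(mac, set()).update((loc1, loc2))
    return {mac: sorted(locations) for mac, locations in conflicts.items()}


if __name__ == "__main__":
    found = find_mac_conflicts(parse_observations(SAMPLE_OBSERVATIONS))
    for mac, locations in found.items():
        print(f"ALERT {mac} active at {', '.join(locations)}")
```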

Re: My school fails at computer security...

Posted: Wed Jul 21, 2010 7:20 am UTC
by Eseell
WillShowalter wrote:There must be some equipment on the network that is adding the MAC address information to the packet before sending the frame over the WAN link.

Not necessarily. They could be using something similar to Cisco NAC to enforce compliance. Traffic gets classified at the access or distribution layer by the NAC Appliance according to its security restrictions, and then marked appropriately. That way the upstream gear only has to know generic markings, perhaps with 802.1q tagging, MPLS labeling, or DSCP marking.

For example, all packets from unknown MAC addresses get thrown into the walled garden and tagged with some label "1". All upstream devices know to treat any packets labeled "1" with the strictest of security. The firewall to the Internet blocks these packets completely. Packets from known administrator MACs get tagged "3" and are allowed to bypass some of the filtering. If their QC is poor you might be able to figure out how they're doing this and work around it, but any network admin with half a brain cell is going to set up a trust boundary between your PC and the network that remarks all your packets to a neutral marking, reclassifies them, and then marks them properly.
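
The trust boundary described in the post above, as an added example that is not part of the original thread: an access layer that keeps a client-supplied marking beside one that resets it to neutral and re-marks from its own registry. Labels 1 and 3 come from the post; label 2, the registry contents, the firewall policy and all names are assumptions for illustration.

```python
"""Model of marking at the access layer, with and without a trust boundary."""
from dataclasses import dataclass, replace

NEUTRAL = 0
WALLED_GARDEN = 1   # from the post: unknown MACs
STANDARD = 2        # assumption: known, non-administrator MACs
ADMIN = 3           # from the post: known administrator MACs

# Constructed registry of known MAC addresses and their class.
REGISTRY = {
    "00:16:3e:aa:00:10": ADMIN,
    "00:16:3e:aa:00:20": STANDARD,
}


@dataclass(frozen=True)
class Packet:
    src_mac: str
    label: int      # marking carried by the packet as received from the client
    dst_port: int


def classify(mac):
    """Look the sender up in the registry; anything unknown is walled off."""
    return REGISTRY.get(mac.lower(), WALLED_GARDEN)


def trusting_ingress(pkt):
    """Weak setting: a marking already present on the packet is kept as-is."""
    if pkt.label != NEUTRAL:
        return pkt
    return replace(pkt, label=classify(pkt.src_mac))


def trust_boundary_ingress(pkt):
    """Corrected setting: remark to neutral, reclassify, then mark."""
    neutral = replace(pkt, label=NEUTRAL)
    return replace(neutral, label=classify(neutral.src_mac))


def internet_firewall(pkt):
    """Upstream device that knows only the generic labels, not the hosts."""
    if pkt.label == WALLED_GARDEN:
        return "drop"
    if pkt.label == ADMIN:
        return "allow"
    # Assumed policy for STANDARD: web ports only.
    return "allow" if pkt.dst_port in (80, 443) else "drop"


if __name__ == "__main__":
    # Unknown host that marked its own packet as ADMIN before sending it.
    self_marked = Packet("00:16:3e:aa:00:99", ADMIN, 22)
    print("trusting ingress :", internet_firewall(trusting_ingress(self_marked)))
    print("trust boundary   :", internet_firewall(trust_boundary_ingress(self_marked)))
```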

Re: My school fails at computer security...

Posted: Wed Jul 21, 2010 7:27 am UTC
by WillShowalter
Eseell wrote:
WillShowalter wrote:There must be some equipment on the network that is adding the MAC address information to the packet before sending the frame over the WAN link.

Not necessarily. They could be using something similar to Cisco NAC to enforce compliance. Traffic gets classified at the access or distribution layer by the NAC Appliance according to its security restrictions, and then marked appropriately. That way the upstream gear only has to know generic markings, perhaps with 802.1q tagging, MPLS labeling, or DSCP marking.

For example, all packets from unknown MAC addresses get thrown into the walled garden and tagged with some label "1". All upstream devices know to treat any packets labeled "1" with the strictest of security. The firewall to the Internet blocks these packets completely. Packets from known administrator MACs get tagged "3" and are allowed to bypass some of the filtering. If their QC is poor you might be able to figure out how they're doing this and work around it, but any network admin with half a brain cell is going to set up a trust boundary between your PC and the network that remarks all your packets to a neutral marking, reclassifies them, and then marks them properly.


I have actually been learning about VLANs recently and I was wondering if they might be using an 802.1q technique or something similar. I should also clarify that the unauthenticated hosts get prompted with a login page for the iBoss proxy device (but our school logins aren't accepted by it, which makes sense if they are only importing computers and not users from eDirectory).

Re: My school fails at computer security...

Posted: Wed Jul 21, 2010 7:47 am UTC
by Eseell
Eh, looking at the product documentation, I don't think these iBoss things are as smart as I gave them credit for. They probably just have a master iBoss in their central office and slave iBosses at every site, like in figure 9 of their deployment guide. I've worked with devices like this before and they're really simple. In the case of an unregistered user they just intercept every DNS query or HTTP GET and reply with the address/data of their login page. Web or other application filtering works similarly except that they only intercept traffic destined for blocked addresses or protocols. It doesn't look like the iBoss works at all if there isn't one on the same broadcast domain as the end user.

Re: My school fails at computer security...

Posted: Wed Jul 21, 2010 8:24 am UTC
by Chindi
iBoss is most likely being used for just content filtering. Like you stated, not that sophisticated of a design. "Registered" Being MAC addresses, possibly being sent out by novell? Figured it was just for logs and host control (At least that is the extent of novell here.) I'm not sure if an iBoss has actually been installed at each location node. I doubt they would have purchased that many (Standing joke on the cheapness of the district).

I am intrigued on where this will lead us. Perhaps this will answer the remaining questions I have on this network.

Re: My school fails at computer security...

Posted: Wed Jul 21, 2010 10:27 am UTC
by hintss
our network topology is:

one fiber line to district

fiber goes to ethernet bridge+switch

server, IT guy's computer, and secondary switches connect to this switch

server is a many-year-old dell with 120GB HDD, running Novell, though it was scheduled to be replaced during last summer break, but they thought it was a printer in the box, so they're doing it this summer break

uses PXE+Linux+Novell imaging software for reimaging

secondary switches power individual wings, where they feed the teacher's computers, and ternary switches, which feed groups of computers in the labs.

--misc. unrelated stuff--

oh, and there's a mystery server rack in the PE building (3 computers). it's mounted on the wall, it's black, it has a glass door, and you can see blinkenlights inside

and they have a rackmount tape backup unit. on a desk. in the server room and they have like an extra 15U available in the rack.

the web filter is made by a local company (Irvine, CA). IIRC, the company's name was 3 characters, started with a number, followed by 2 letters. it can also block FTP

all the extra junk goes in this one student accessible room. also, the fiber lines and roof access go through there.

they complain of budget cuts, while at the same time, they took the good computers into storage and replaced them with NComputing.

connecting my netbook to ethernet, I could see the whole LAN, and access the ethernet, even though I was permabanned from the school's networks


not sure about the high school, but I'm sure the main servers are in the office, and there's a large rack in the library...

Re: My school fails at computer security...

Posted: Wed Jul 21, 2010 4:51 pm UTC
by WillShowalter
Eseell wrote:Eh, looking at the product documentation, I don't think these iBoss things are as smart as I gave them credit for. They probably just have a master iBoss in their central office and slave iBosses at every site, like in figure 9 of their deployment guide. I've worked with devices like this before and they're really simple. In the case of an unregistered user they just intercept every DNS query or HTTP GET and reply with the address/data of their login page. Web or other application filtering works similarly except that they only intercept traffic destined for blocked addresses or protocols. It doesn't look like the iBoss works at all if there isn't one on the same broadcast domain as the end user.


I think you may be right about that. The possibility of them having a device at every site makes sense, not sure why that possibility had slipped my mind, even after I read all their supporting docs.

I'll also add that you can bypass the proxy filtering entirely on most sites just by doing an nslookup of the domain and navigating directly to the IP. I think you still had to be authenticated though, as the traffic still passes through the device.

Also, Chindi is one of the guys who originally figured out that MAC addresses were what authenticated someone to the proxy. Just thought I'd share that since he didn't. :)

Re: My school fails at computer security...

Posted: Wed Jul 21, 2010 7:16 pm UTC
by Eseell
hintss wrote:the web filter is made by a local company (Irvine, CA). IIRC, the company's name was 3 characters, started with a number, followed by 2 letters. it can also block FTP

Could it be M86 Security? They're based in Orange, CA and their content filters are quite popular.

Chindi wrote:iBoss is most likely being used for just content filtering. Like you stated, not that sophisticated of a design. "Registered" Being MAC addresses, possibly being sent out by novell? Figured it was just for logs and host control (At least that is the extent of novell here.) I'm not sure if an iBoss has actually been installed at each location node. I doubt they would have purchased that many (Standing joke on the cheapness of the district).

I am intrigued on where this will lead us. Perhaps this will answer the remaining questions I have on this network.

School districts probably get huge discounts for these things thanks to government grants and subsidies. They also don't seem like they'd be very expensive based on my experience with similar devices. The other possibility is that they have layer 2 extended all the way to their central office even over their WAN links with an iBoss sitting in front of the router or multilayer switch that has gateways for every subnet in the network, but frankly that's an idiotic way to build a network.

I expect that the iBoss gets a list of registered MACs from the Novell LDAP server. Machines with known MACs (e.g. teachers' desktops) are allowed to bypass the login and everyone else gets prompted for credentials (e.g. users with laptops). Users that pass the login are similarly registered with the iBoss and are filtered based on whatever restrictions are placed on the user account.

WillShowalter wrote:I'll also add that you can bypass the proxy filtering entirely on most sites just by doing an nslookup of the domain and navigating directly to the IP. I think you still had to be authenticated though, as the traffic still passes through the device.

Hee. That makes sense if the content filter intercepts every HTTP GET for non-authenticated users but only does filtering based on URL for regular users. Other content filters I've used store both the IP and domain of blocked sites, but it's conceivable that yours only filters on the domain.
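
The gap discussed in the post above, as an added example that is not part of the original thread: a filter that matches only the hostname in the URL beside one that also matches the address the connection goes to. The blocklist, the recorded addresses (documentation-range IPs) and the function names are constructed assumptions.

```python
"""Content-filter decision on the domain alone versus on domain and IP."""
import ipaddress
from urllib.parse import urlsplit

# Constructed blocklist of domains.
BLOCKED_DOMAINS = {"games.example"}

# Constructed addresses the filter has recorded for its blocked domains
# (RFC 5737 documentation ranges).
BLOCKED_NETWORKS = [
    ipaddress.ip_network("203.0.113.10/32"),
    ipaddress.ip_network("198.51.100.0/28"),
]


def host_of(url):
    """Return the lowercased host part of a URL without a trailing dot."""
    host = urlsplit(url).hostname
    if not host:
        raise ValueError(f"no host in URL: {url!r}")
    return host.rstrip(".")


def domain_blocked(host):
    """True if the host or any parent domain is on the domain blocklist."""
    labels = host.split(".")
    return any(".".join(labels[i:]) in BLOCKED_DOMAINS for i in range(len(labels)))


def domain_only_filter(url):
    """Weak setting: the decision uses nothing but the name in the URL."""
    return "block" if domain_blocked(host_of(url)) else "allow"


def domain_and_ip_filter(url, dest_ip):
    """Corrected setting: also check where the connection actually goes.

    dest_ip is the destination address as seen by the inline device, so the
    result does not depend on what the client typed into the address bar.
    """
    if domain_blocked(host_of(url)):
        return "block"
    address = ipaddress.ip_address(dest_ip)
    if any(address in network for network in BLOCKED_NETWORKS):
        return "block"
    return "allow"


if __name__ == "__main__":
    requests = [
        ("http://www.games.example/play", "203.0.113.10"),
        ("http://203.0.113.10/play", "203.0.113.10"),
        ("http://news.example/", "192.0.2.5"),
    ]
    for url, dest in requests:
        print(f"{url:32} domain-only={domain_only_filter(url):5} "
              f"domain+ip={domain_and_ip_filter(url, dest)}")
```

Matching on IP can also block unrelated sites that share an address with a blocked one, so the recorded addresses need review when they are added.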

Re: My school fails at computer security...

Posted: Wed Jul 21, 2010 7:29 pm UTC
by WillShowalter
Eseell wrote:
WillShowalter wrote:I'll also add that you can bypass the proxy filtering entirely on most sites just by doing an nslookup of the domain and navigating directly to the IP. I think you still had to be authenticated though, as the traffic still passes through the device.
Hee. That makes sense if the content filter intercepts every HTTP GET for non-authenticated users but only does filtering based on URL for regular users. Other content filters I've used store both the IP and domain of blocked sites, but it's conceivable that yours only filters on the domain.


That's exactly what I was thinking. They probably do have the ability to filter IPs, but whoever/whatever the source is for their filter list does a horrible job. Ever since they installed it they've been fighting a losing battle against students using proxies.

Re: My school fails at computer security...

Posted: Thu Jul 22, 2010 1:25 am UTC
by squareroot
PHP Proxies are so fun; Just put a file on your website, and boom. If they block it, then there are at least twenty places you can register another domain for that sole purpose, for free. :-)

(Note: I've been having some trouble getting mine to work. Advice would be appreciated.)

My school's security was decent, I'd say. Every student had his own account (software was Novell), and thus his own section of a drive. You had to have an administrator account to access them, I guess, and they were pretty protective there. Of course, the account credentials were your student ID number - which was super easy to get, if you were persistent for maybe a day or two of watching the person you wanted to hack - and the password was just their birthday, which you could probably just get off Facebook.

They didn't let you install anything, and you couldn't access "My Computer" in Windows Explorer. They did, however, let you access Command Prompt. ^.^ I never tried a .bat file. Once I was typing a document in Notepad (because I didn't want the bloat of MS Word, I just needed to record some text) and the librarian thought I was trying to crack the computer or something, and when I was showing my friend how to use Command Prompt (just harmless stuff), my PE teacher made me close it for fear I was trying to hack something there, too. Ah, well. Finding some good proxy sites was enough to turn me into a hero. :)