need help regaining internet acces on work :)

Q&A, advice, reviews, and news about the computers, phones, TVs, stereos, and pretty much anything else that can't be easily whittled out of a stick or chipped out of stone.
Locked
Lord_of_Llanowar
Redshirt
Posts: 7
Joined: Wed Mar 02, 2005 9:33 pm

need help regaining internet acces on work :)

Post by Lord_of_Llanowar » Wed Mar 02, 2005 9:41 pm

At my work the networkmanager does all kinds of stuff on the comp, like keylogging.
A few days ago the internet on the pc i use was cut off.
At first i tought it was the system manager. but today i found out my co-worker thinks im too much on the internet(he is on way more, and does no work either :)) and has shut down the internet for me, and getting on himself whenever im away.
This i all heard from my other co-worker.
So now to have my precious internet back and irritate the hell out of my co-worker i need some help on how to do it.

when i try to connect to the internet an error page comes up saying

403 Forbidden - The ISA server denies the specified uniform resource locator (url). (12202)
internet security and acceleration server

I have searched for ISA on the comp, but cant find any on it, so its probably just on the system, and my co-worker must then have found another way to block me.

Does anyone know what this could be?

Tnx in advance

User avatar
Deacon
Shining Adonis
Posts: 44234
Joined: Wed Jul 30, 2003 3:00 pm
Gender: Male
Location: Lakehills, TX

Post by Deacon » Wed Mar 02, 2005 10:12 pm

The follies which a man regrets the most in his life are those which he didn't commit when he had the opportunity. - Helen Rowland, A Guide to Men, 1922

User avatar
Infin8Cyn
Redshirt
Posts: 6309
Joined: Tue Apr 29, 2003 10:02 pm
Real Name: James
Gender: Male
Location: Albuquerque, New Mexico
Contact:

Post by Infin8Cyn » Wed Mar 02, 2005 11:03 pm

Wow. I can't believe you use a system that has keylogging on it. Welcome to identity theft and such...

Looks like he's cut you off at the gateway between you and the outside world.
Image

User avatar
billf
Pantless power
Pantless power
Posts: 7052
Joined: Tue Feb 11, 2003 8:27 pm
Location: New York... The part with the cows
Contact:

Post by billf » Wed Mar 02, 2005 11:23 pm

Go in and fuck with all the settings so that the internet doesn't work at all.

The most fun is to go into IE's settings, tell it to use IE colors instead of the assigned colors and then change all of the IE colors to yellow and orange.

Then make a trade-off. If he stops being an ass, you'll leave the different settings alone.
Image
"We spend the first year of their lives teaching them (children) to walk and talk, and the rest of their lives telling them to shut up and sit down."

Lord_of_Llanowar
Redshirt
Posts: 7
Joined: Wed Mar 02, 2005 9:33 pm

Re: need help regaining internet acces on work :)

Post by Lord_of_Llanowar » Wed Mar 02, 2005 11:29 pm

yeah well, of course im gonna fuck up the computers if i wont regain my reason of living back.....
the plan is to get myself internet, and make sure my co-worker aint. But without him knowing ive done it .
If i cant get that done, say hello to regedit :)


oh yeah, for the ones who are interested how i deal with keyloggers

i just open wordpad and tell them everything i think about those losers, and threatened to harm the computers in a serious way if they wont remove it(and i will)

User avatar
Deacon
Shining Adonis
Posts: 44234
Joined: Wed Jul 30, 2003 3:00 pm
Gender: Male
Location: Lakehills, TX

Post by Deacon » Wed Mar 02, 2005 11:36 pm

The fact that you've survived this long must surely be accepted by the greater scientific community as proof that Darwin was wrong.
The follies which a man regrets the most in his life are those which he didn't commit when he had the opportunity. - Helen Rowland, A Guide to Men, 1922

Lord_of_Llanowar
Redshirt
Posts: 7
Joined: Wed Mar 02, 2005 9:33 pm

Post by Lord_of_Llanowar » Wed Mar 02, 2005 11:47 pm

[quote="Deacon";p="460512"]The fact that you've survived this long must surely be accepted by the greater scientific community as proof that Darwin was wrong.[/quote]
glad i could be of help!

User avatar
TopCat
Redshirt
Posts: 3783
Joined: Wed May 21, 2003 1:34 am
Gender: Male
Contact:

Post by TopCat » Thu Mar 03, 2005 12:05 am

Wow, ISA server between you and the net. At my workplace we do have an ISA server in the middle but that's for caching purposes or something. We don't block any sites because there is always porn that gets around it, and it often blocks good sites. We do portblock though, so you don't play games or, more importantly, get Blaster or it's copycats from the 'net.

I know one of the employees actually has DSL to their office, and that's fine, they pay, their internet, whatever.

Now about ISA:

It's a computer between yours and the net, I don't know exactly what your coworker has done and how much you know about computers (i am thinking just enough to get by), but you could, first, get Knoppix and boot to that. It's bootable linux and won't have a keylogger (unless its hardware, then its probably keykatcher). It may, even, let you get out to the web.


One of the more likely things (short remoting into the isa server and allowing the computer access, then changing back when leaving) is that he's changing your ip address to a static (blocked) ip. I am just rambling on here, I know nothing about ISA servers and there's probably a billion different ways to block someone and such.

However I know that I can block an ip address from getting on the net at my router, and I can put that ip in the range that's not issued by DHCP. I could then set the machine to that blocked ip when I'm not there, and set it to DHCP when I am. Meh. I'd quit and switch to a job that actually trusts its employees a little bit more.
hahaha i don't come to these forums anymore :x

pc486
Redshirt
Posts: 532
Joined: Fri Jul 09, 2004 1:48 am

Post by pc486 » Thu Mar 03, 2005 7:14 am

I'm not sure how this ISA server/web cache/firewall/thing works but here is how I get around most firewalls.

First off you'll need a *NIX machine. Cygwin might do the job if you're stuck on windows. Turn on your machine at home (hopefully with some broadband connection) and have it use/update a DynDns account or some other dynamic DNS service. Also install some sort of proxy on it. Log into that machine from work with SSH and have it port forward from a local port (say 1234) to the home machine's proxy port. Then setup Firefox/IE/Opera/browser_of_choice to use a proxy at localhost:1234.

Bam, instant encrypted proxied interwebs baby! Enjoy :-).

User avatar
PhoenixGeek
Redshirt
Posts: 603
Joined: Tue Dec 21, 2004 5:49 pm
Location: Central IL

Re: need help regaining internet acces on work :)

Post by PhoenixGeek » Thu Mar 03, 2005 2:42 pm

[quote="Lord_of_Llanowar";p="460501"]
oh yeah, for the ones who are interested how i deal with keyloggers

i just open wordpad and tell them everything i think about those losers, and threatened to harm the computers in a serious way if they wont remove it(and i will)[/quote]

How the hell you havn't been fired yet I will never know. Try takeing the direct approach and talking with a supervisor or IT manager you daffy twit.
Image

User avatar
edge
Redshirt
Posts: 3376
Joined: Mon Jun 02, 2003 9:43 pm
Gender: Male
Location: Pittsburgh, PA
Contact:

Post by edge » Thu Mar 03, 2005 5:19 pm

pc486, I do that all the time :D I love it.
Works fantastically. I don't have things blocked here where I work (then again, I'm on the network admin staff), so it's not really a problem. But I like it for when I'm out and about and need to make a change to my router's configuration at home, or just want to test something on a webserver local to my home network. It's very convienent.

User avatar
Benjamin
Redshirt
Posts: 282
Joined: Tue Jul 08, 2003 6:44 pm
Gender: Male
Location: Baghdad South, Iraq
Contact:

Re: need help regaining internet acces on work :)

Post by Benjamin » Thu Mar 03, 2005 5:20 pm

FYI, this was used at one time to bypass military proxy/firewalls here at work so that's why it references "Base Proxy"


First, let's look at how the traffic flows normally. For those of you that know how NMS/BIPS is set up, you might want to skip this part. The normal flow of data follows along the green path. Workstation -> Base Proxy -> Firewall -> the Internet -> Target Web server and back.

Actually, it's a little more complicated than that. From your computer to the proxy the packets have a destination port of 8080, the normal proxy port. Then the proxy re-packages them with a destination port of 80, the normal http port. Of course, it does all it's checks to make sure the request isn't for a naughty site yada yada yada. Then it's port 80 all the way through the firewall, internet, over the river and through the woods until it gets to http://www.grandmothershouse.com.

Then the data comes back the same way.

But wait! Grandmothershouse.com is in the proxy server's unacceptable sites list! They don't want you getting that "warm apple pie"!!!

Bah I say! Let's try following the yellow path. *Follow the yellow brick road, follow follow follow follow, Follow the yellow brick road* This would be the path your packet takes when you don't have a proxy server configured in your browser's settings. The packet leaves your computer with a destination address of http://www.grandmothershouse.com and a destination port of 80.

Because of how the routers are set up on a typical network, everything flowing out or into the network has to pass through the firewall. So, your little wayward packet makes its way through your base network and gets to the big bad firewall. Your little packet tries to go through the firewall's port 80 hole only to find it's shut tighter than a ten year old jar of pickles. There our little packet's journey stops. He waits at the firewall, sets up camp, and eventually dies of starvation.

But wait! Our green packet went right through port 80 on the firewall! Why can't our cowardly yellow packet?

It's because the firewall is set to only allow packets coming from the proxy server through on port 80. Otherwise anyone could circumvent the proxy simply by telling their browser not to use one. This would suck up more bandwidth and allow people to surf anywhere they wanted!

Now, let's take a look at the devilishly ebil red packet. The red packet is going to travel through your SSH tunnel. Following my earlier post you've set up an OpenSSH server at home along with CCProxy. CCProxy is listening on its default port of 808, VNC on 5900, and SSH on 22.

You run PuTTY on your work PC and connect to your home PC's SSH server. When you connected you set up two tunnels, one for port 808 and another for port 5900.

Now your work PC is listening on port 808 and port 5900. Anything going to your work PC on either of those ports magically pops out the other end of the tunnel at your home PC!

So, if you set your work PC's browser proxy to point to your work PC on port 808, it will pop up on your home PC on port 808 and CCProxy will pick it up.

So, in the case of our little devilish red packet, it goes from your work PC's browser to the front end of the tunnel on port 808. It gets stuffed into the tunnel and travels through it on port 22 until it gets to the other end at your home PC. It exits the tunnel at your home PC and the SSH server sets it back to port 808. CCProxy picks it up on port 808 and acts just like the Base Proxy server. Only this time there are no filters blocking you from going to "naughty" sites. Then it goes out to http://www.grandmothershouse.com and back the same way it came!

The patriotic blue packets are VNC packets. They do much the same thing as the devilishly clever red packets, in that they travel the tunnel. Only they start out on port 5900. When they exit the tunnel back at your home PC, it's WinVNC's turn to pick them up since it's the program listening on that port.

As far as the firewall's concerned, all the red and blue traffic is going over port 22. But we know better. Don't we kiddies?

Image

Then again, since you're not able to hit anything I doubt this will work for you either... oh well...
Benjamin J. Kuhl
Self-proclaimed Slacker
http://benjaminkuhl.com
2007 Scion tC // Dezod Motorsports Stage1 @ 6.7psi -- 309whp, 291 ft-lb

Lord_of_Llanowar
Redshirt
Posts: 7
Joined: Wed Mar 02, 2005 9:33 pm

Re: need help regaining internet acces on work :)

Post by Lord_of_Llanowar » Thu Mar 03, 2005 5:24 pm

[quote="PhoenixGeek";p="460803"][quote="Lord_of_Llanowar";p="460501"]
oh yeah, for the ones who are interested how i deal with keyloggers

i just open wordpad and tell them everything i think about those losers, and threatened to harm the computers in a serious way if they wont remove it(and i will)[/quote]

How the hell you havn't been fired yet I will never know. Try takeing the direct approach and talking with a supervisor or IT manager you daffy twit.[/quote]

they dont fire me cause they need me too bad,
I manage the printing and design section, i have 2 co-workers, the one does the foil, for making letters for cars and stuff, he will quit in a month orso.
i can do that too.
my other co-worker cant do design or foil, and also doesnt know how to work our printer. :)

my supervisor doesnt ever listen, and my it-manager is some kind of compuet nerd hippy dude who gives shit about nothing as he used to run the printing and design and stuff, but they pulled him off of it. so he would love to see it go down :)

Posted Thu Mar 03, 2005 5:31 pm:

tnx for the information pc486 and topcat, and thanks for explaining how it works benjamin.
Alltough i dont think it will work ill give it a try anyway.

User avatar
TopCat
Redshirt
Posts: 3783
Joined: Wed May 21, 2003 1:34 am
Gender: Male
Contact:

Post by TopCat » Thu Mar 03, 2005 10:16 pm

i don't think it's going to work.

my work blocks 22 outgoing but not 23, for reasons I don't know. I edited the line in CYGWIN to make it serve up on port 23, and that worked from work. However I had heard to use the Socks5 firewall thing in Putty so that I would just put it in firefox as a socks 5 firewall. Using the port forwarding as I skimmed in benjamins post, I heard, would not work.

While we're on the subject of SSH (you can ignore this part, Lord_of_Llanowar), anyone know of a program where I can take all outbound traffic on a specific port and reroute it, preferably through putty through an ssh tunnel to home and then, let it go back out on the internet to it's original intended destination.

If you haven't picked up on it yet, it's to play a certain "Game", which does not (yet) have configgable "Proxy" settings.
hahaha i don't come to these forums anymore :x

pc486
Redshirt
Posts: 532
Joined: Fri Jul 09, 2004 1:48 am

Post by pc486 » Fri Mar 04, 2005 4:05 am

I also forgot about reverse-connect tunnels. This tunneling method sometimes works when others fail.

Another method is to fool the firewall by changing your machine's MAC address and IP address. That'll stop some filtering programs/hardware because MACs and IPs uniquely identify your computer. Changing these is like using a stolen identity.

TopCat: Gamer's Internet Tunnel

Locked

Who is online

Users browsing this forum: No registered users and 1 guest