Oh school networks

[fido2]

Uh, I snuck in access.cpl and changed the window theme to high-contrast.

[PsychoFlames]

or that they can simply spoof the MAC address and gain access anyway...

In order to do that, they'd need to get the MAC address of whatever you've given access to, which is kind of hard to do when they'd need to get into the network to be able to communicate locally and obtain your MAC address from the packet headers in the first place. As far as I know, the originating source MAC address isn't retained when a packet is routed, only the source network address and everything in the layers above the network layer.

[Majestic]

About 1.5 years ago I worked as an admin in one of labs at my old school. Basically, kids would come in and use the lab. We had a filter thingy installed, but it was ONLY enabled on IE. All the smart kids used Firefox and I didnt discourage it.

 

No one really did any bad stuff, since about 75% of the time we just played BF1942. It was fun, except there was no OC and the machines were total sh*t

[millermagic]

So in other words you made this up?

I did not make it up, but I'm not going to tell anyone how to do it. You just have to find out for yourself. I have the eerie feeling that if I told anyone on here, they would get in trouble for it and it would come back to me. Had I not almost got criminal charges pressed against me, I might be willing to say.

[just another thug]

So in other words you made this up?

I did not make it up, but I'm not going to tell anyone how to do it. You just have to find out for yourself. I have the eerie feeling that if I told anyone on here, they would get in trouble for it and it would come back to me. Had I not almost got criminal charges pressed against me, I might be willing to say.

You use a proxy server. It's not that hard.

[millermagic]

There it is but I did not say it.

 

But the reason I got in trouble for it was I used my home pc for it.

[Myscha]

 

or that they can simply spoof the MAC address and gain access anyway...

In order to do that, they'd need to get the MAC address of whatever you've given access to, which is kind of hard to do when they'd need to get into the network to be able to communicate locally and obtain your MAC address from the packet headers in the first place. As far as I know, the originating source MAC address isn't retained when a packet is routed, only the source network address and everything in the layers above the network layer.

Well, if you look at the wireless traffic, the packets aren't going to be changed yet because they haven't went through anything. You will see the source MAC address in the header because its the computer still has to transmit it across the wireless link.

@Opius: I wish I had a working wireless card Then I could work on MY tan

 

Edited January 16, 2006 by Myscha

[_-playero-_]

Since I'm a newb and not a lamer, it could be a funny way to start this Senior year... I know my school network can be easy to play with, so is there any way to get access to server? Like, some of my teachers keep data there, would be fun to see whats in there...

[Myscha]

Depends on what the server is running...

[just another thug]

You can play with the server very easily. We were able to get into teacher drop folders. It's just a matter of reading up on those things.

[Opius]

There it is but I did not say it.

 

But the reason I got in trouble for it was I used my home pc for it.

You do realize that a basic script to bypass filters are all of four lines? It's nothing special.

 

$cUrl = curl_init();curl_setopt($cUrl, CURLOPT_URL, $_GET['url']);echo str_replace('http://',$_SERVER['PHP_SELF'].'?url=http://',curl_exec($cUrl));curl_close($cUrl);

 

[Bond996]

Just sniff your teachers logging onto an SMTP server from a laptop wirelessly.

[PsychoFlames]

There it is but I did not say it.

 

But the reason I got in trouble for it was I used my home pc for it.

You do realize that a basic script to bypass filters are all of four lines? It's nothing special.

 

$cUrl = curl_init();curl_setopt($cUrl, CURLOPT_URL, $_GET['url']);echo str_replace('http://',$_SERVER['PHP_SELF'].'?url=http://',curl_exec($cUrl));curl_close($cUrl);

 

Or *.nyud.net:8090.

[Myscha]

Just sniff your teachers logging onto an SMTP server from a laptop wirelessly.

What would that do? I don't get it.

[Bond996]

 

Just sniff your teachers logging onto an SMTP server from a laptop wirelessly.

What would that do? I don't get it.

SMTP, FTP, Telnet, POP3, and a score of other protocols all transmit passwords in plaintext, unless running in a secured mode, which very few places will actually do. So by running a packet sniffer you can just lift their password, which is probably the same as what they use on the network.

[EmSixTeen]

 

There it is but I did not say it.

 

But the reason I got in trouble for it was I used my home pc for it.

You do realize that a basic script to bypass filters are all of four lines? It's nothing special.

 

$cUrl = curl_init();curl_setopt($cUrl, CURLOPT_URL, $_GET['url']);echo str_replace('http://',$_SERVER['PHP_SELF'].'?url=http://',curl_exec($cUrl));curl_close($cUrl);

 

Or *.nyud.net:8090.

I'll have to test that on my college's now rather secure network..

 

Edit: lol, no, useless.. It keeps the page's original links, so the next page is like you never used it.

[maws]

Turns out I'm going to be working full time at a school from monday helping to manage, maintain and secure their networking facilities (primarily wireless). I'll bear this thread in mind when I keep an eye on the kids.

[Bond996]

There it is but I did not say it.

 

But the reason I got in trouble for it was I used my home pc for it.

You do realize that a basic script to bypass filters are all of four lines? It's nothing special.

 

$cUrl = curl_init();curl_setopt($cUrl, CURLOPT_URL, $_GET['url']);echo str_replace('http://',$_SERVER['PHP_SELF'].'?url=http://',curl_exec($cUrl));curl_close($cUrl);

 

Or *.nyud.net:8090.

I'll have to test that on my college's now rather secure network..

 

Edit: lol, no, useless.. It keeps the page's original links, so the next page is like you never used it.

Depends on the website. It maintains original links on some, but doesn't on others. You could write a firefox greasemonkey script that would change the links for you though.

 

My school isn't good enough to have filters. They either turn off all HTTP access to computers as per the teachers decision in a class, or they have a list of domains set up to disallow. So they blocked myspace.com, but not home.myspace.com, so even after they figured out to block myspace's IP, kids are using the google cache to surf.