Getting around a network firewall..
-
- Almost 1337
- Posts: 697
- Joined: April 7, 2005, 1:11 am
- Gender: Male
- XBL Gamertag: tjevolved
- Location: Key Largo, Florida
- Contact:
Getting around a network firewall..
OK.. so my job put up this insanely strict firewall.. I cant access Newsgroups/Messageboards, games such as AdventureQuest, FallenSword, and OGame, couldn't access my email until i bitched about it until they took it off the filter.
Bottom line is.. is there anyway to get around a firewall in an office type scenario without letting the Admins know?
Bottom line is.. is there anyway to get around a firewall in an office type scenario without letting the Admins know?
Darttanion Romances, 70 bard (Retired)
Gonzoie Eatsalot, 65 Druid (Long been Retired)
Gonzoie Eatsalot, 65 Druid (Long been Retired)
I don't know anything about directly going around them but more than likey you can't. Which is why they weret put in place! But if you are still able to SSH out you you can set up a tunnel to your home PC and then use Remote Desktop. Works fine for my use. You just need to find an open port if the usual SSH one (22) is blocked. 443 is usually a good alternative.
http://www.engr.wisc.edu/computing/best ... putty.html is a fairly straightforward guide.
http://www.engr.wisc.edu/computing/best ... putty.html is a fairly straightforward guide.
Have You Hugged An Iksar Today?
--
--
I also use Remote Desktop. I don't do anything special to set it up besides enter my home PC's IP and use user name/password. You need XP Pro or Vista Business/Ultimate on your home PC to to it that way though. If you don't have that, you can always try RealVNC http://www.realvnc.com/ depending on what ports are open.
If you can't use Remote Desktop for some reason, or don't have a clue what we're talking about, you might be able to use GoToMyPc. I used to use that. It easy to setup but costs some money though as you use GoToMyPC's servers to access your remote PC:
https://www.gotomypc.com/en_US/entry.tm ... goto&_sf=2
nothing needs to be installed at your work and it uses the standard 8080 web browsing port.
There's a free trial so you can see if it would work before you gave them any moola. Don't forget to setup your home PC with teh software before trying it from work of course.
Also, you need decent upload capability from you home PC since it needs to send images of what's happening on your home PC to your work, all encrypted of course. It's pretty snappy with 1Mbps.
If you can't use Remote Desktop for some reason, or don't have a clue what we're talking about, you might be able to use GoToMyPc. I used to use that. It easy to setup but costs some money though as you use GoToMyPC's servers to access your remote PC:
https://www.gotomypc.com/en_US/entry.tm ... goto&_sf=2
nothing needs to be installed at your work and it uses the standard 8080 web browsing port.
There's a free trial so you can see if it would work before you gave them any moola. Don't forget to setup your home PC with teh software before trying it from work of course.
Also, you need decent upload capability from you home PC since it needs to send images of what's happening on your home PC to your work, all encrypted of course. It's pretty snappy with 1Mbps.
A lot of places block the port remote desktop uses. Which is what makes the tunnel over SSH a handy solution as you can use just about whatever port you want. It's also nice it you want to do command line operations or transfer files. Plus you don't have to install any applications on your work PC as Putty is just an exe that doesn't need to be installed.
Not to mention using this method everything is encrypted. I don't know if you get that through straight remote desktop.
Not to mention using this method everything is encrypted. I don't know if you get that through straight remote desktop.
Have You Hugged An Iksar Today?
--
--
It's not the best, but it's encrypted:Aslanna wrote: Not to mention using this method everything is encrypted. I don't know if you get that through straight remote desktop.
Remote desktop is encrypted, which makes it more secure than many simplistic VNC implementations. However, Remote Desktop is vulnerable to a man-in-the-middle attack because it does not use a certificate to authenticate the server like SSL/SSH does. That means that if you connect to a your system via remote desktop, there is no guarantee that the conversation is not recorded and your passwords are not guaranteed to be safe, even though the session is encrypted.
Encryption
RDP uses RSA Security's RC4 cipher, a stream cipher designed to efficiently encrypt small amounts of data. RC4 is designed for secure communications over networks. Beginning with Windows 2000, administrators can choose to encrypt data using a 56- or 128-bit key.
Can't copy files but I do make use of the clipboard to copy and paste web data that's blocked at work and other data into Word at work for proper formatting and printing.Bandwidth reduction features
RDP supports various mechanisms to reduce the amount of data transmitted over a network connection. Mechanisms include data compression, persistent caching of bitmaps, and caching of glyphs and fragments in RAM. The persistent bitmap cache can provide a substantial improvement in performance over low-bandwidth connections, especially when running applications that make extensive use of large bitmaps.
RDP seems to run even better on Vista. While I'm not using Vista at work, I still see my home desktop as it visually appears in Vista without being able to update to the latest client RDP software at work.(wallpaper turne off of course for speed) The one thing I've noticed missing is the pop-up thumbnails of apps minimized to the task bar when hovered over. Not a big deal. It's fast enough to update streaming level II quotes and update charts, view a comic or edit the covers for posting to VV for example.Clipboard mapping
Users can delete, copy, and paste text and graphics between applications running on the local computer and those running in a Terminal Services session, and between sessions.
I like to access my main PC from my laptop at home sometimes to work with files, surf the net with my most up to date browser and access all the apps which aren't on my laptop. For movies, I use the regular gigabit lan to stream them.
It's still RDP.. It's just tunneled via SSH. In my opinion, other than the initial setup, there's no reason not to go that way instead of direct RDP. I'm willing to bet if they setup the firewall at Gonzoie's place of work to be 'insanely strict' that the RDP port will be blocked.
Have You Hugged An Iksar Today?
--
--
Let me know how those viruses and spyware jump from RDP into the network and you'll have a point.Kelshara wrote:You get infected by crap just as easily on your lunch break. You can use your computer as much as you want at work (lunch or no lunch) but there is absolutely no way I would allow crap like newsgroups.
When I work on newsgroups, it's via RDP, ...and Newsgroups are about the safest place to download shit anyway but the only thing that would get "infected" would be my home PC.
I'd encourage surfing via RDP from work (if people are allowed to surf) if I was an IT person.
- Siji
- Way too much time!
- Posts: 4040
- Joined: November 11, 2002, 5:58 pm
- Gender: Male
- XBL Gamertag: mAcK 624
- PSN ID: mAcK_624
- Wii Friend Code: 7304853446448491
- Location: Tampa Bay, FL
- Contact:
Aslanna showed me the way of RD a long time ago, but my personal preference has been to improve on it by using BitVise's WinSSHd server and its tunnelier client. Tunnelier is free, WinSSHD isn't. Just has more features and easier to use keys and such. I love the FTP type client that's included in it since my ISP blocks all attempts at running an ftp server. Perfect for getting some MP3s to my work PC to listen to whlie workin'.
- Aabidano
- Way too much time!
- Posts: 4861
- Joined: July 19, 2002, 2:23 pm
- Gender: Male
- Location: Florida
Re: Getting around a network firewall..
My 2 cents, don't be amazed when you get fired for violating the companies acceptable use policy, and possibly sued for damages if you're the cause of an incident of any sort.Gonzoie - Luclin wrote:Bottom line is.. is there anyway to get around a firewall in an office type scenario without letting the Admins know?
If you're using Windows and it's showing on your screen it can be monitored, an ongoing stream of encrypted traffic to _a_ non-business location (RDP, SSH, whatever) is pretty much a dead giveaway.
"Life is what happens while you're making plans for later."
- noel
- Super Poster!
- Posts: 10003
- Joined: August 22, 2002, 1:34 am
- Gender: Male
- Location: Calabasas, CA
It's pretty simple really. When you use RDP, you're opening a two-way pipe from two endpoints. If one of the endpoints is compromised and monitoring open connections, it IS possible for that open pipe to be exploited.Winnow wrote:Unless you're talking about some sort of cuting and pasting of data. I'd like to know more than "it's possible" out of curiosity.noel wrote:I assure you, it's possible.Winnow wrote:Let me know how those viruses and spyware jump from RDP into the network and you'll have a point.
I realize that it's 100% impossible that your home PC could ever become compromised, but for the less savvy user who either thinks they know what they're doing, or has no clue what they're doing and is posting on a message board to find out how to bypass their company's firewall... yes, it's possible for RDP to be exploited.
My company is now part of Bell Labs. I've been learning lately that a lot of things I thought were secure are not, and a lot of things that I thought were not possible are. Specifically within the realm of network and PC security.
Bear in mind, I'm not making fun of your ability to keep your PC clean. I'm sure you know how, and I'm sure you're very diligent about keeping it clean. That said, I think anyone *could* be infected, especially if they were being targetted. Targetted attacks are becoming more common of late and they're fucking scary.
Oh, my God; I care so little, I almost passed out.
- noel
- Super Poster!
- Posts: 10003
- Joined: August 22, 2002, 1:34 am
- Gender: Male
- Location: Calabasas, CA
Re: Getting around a network firewall..
Yeah this is the part that cracks me up. If your IT department is amateur hour, I'm sure you can do this all day long and no one will notice.Aabidano wrote:If you're using Windows and it's showing on your screen it can be monitored, an ongoing stream of encrypted traffic to _a_ non-business location (RDP, SSH, whatever) is pretty much a dead giveaway.
If however, you work for one of my more savvy customers, and their IPS saw any of the above you mentioned from a USER, the IT staff will likely get an alert, an SNMP trap, an email, and the user would probably be auto-quarantined to a VLAN with no access to anything, except maybe if they're lucky a remediation server where the user will be directed to a webpage asking that they call the IT department.
When you move into the realm of high-end financial or DoD networks, I assure you, you won't be doing ANY of that... assuming you like your job, your career or your security clearance.
Oh, my God; I care so little, I almost passed out.
Re: Getting around a network firewall..
Anyone who went around security in those instances is a complete moron who deserves to be fired.noel wrote:When you move into the realm of high-end financial or DoD networks, I assure you, you won't be doing ANY of that... assuming you like your job, your career or your security clearance.
Personally I'm not that worried about it where I work. RDP for the most part seems to not take that much bandwidth especially while minimized, where I have it most of the time, where it doesn't even make my LAN icon in the system tray flash.
I'm not saying it's right or wrong. He was asking for ways around so I provided one. It's up to him if it's worth the risk or not.
Bottom line is... Admins can pretty much find out anything if they desire to do so.Gonzoie - Luclin wrote:Bottom line is.. is there anyway to get around a firewall in an office type scenario without letting the Admins know?
Have You Hugged An Iksar Today?
--
--
So you're saying my home PC would need to be hacked and then the hacker would use the open pipe somehow to hack the business servers?noel wrote: It's pretty simple really. When you use RDP, you're opening a two-way pipe from two endpoints. If one of the endpoints is compromised and monitoring open connections, it IS possible for that open pipe to be exploited.
I'm more curious if this is an easy hack some high school kid can do or if we need Kevin Mitnick on the job for the hack.
Non DoD/financial companies are more concerned with day to day spyware and viruses users pick up on porn sites, etc than an actual hacker. The bulk of their time seems to be fixing user's computers that screw them up surfing the net. RDP pretty much takes care of that problem.
Degree of difficulty would matter quite a bit in this case. One of the IT guys at work recommended I use RDP when I was probing him for open ports while trying to get VNC up and running.noel wrote:You asked if it was possible. I understand the relevance of degree of difficulty, but the point is that it's possible.
I was just curious if you had any real world examples of RDP being hacked.
- Aabidano
- Way too much time!
- Posts: 4861
- Joined: July 19, 2002, 2:23 pm
- Gender: Male
- Location: Florida
The recent MS vulnerabilities could have done it quite easily from what I can see, all they needed was a visit to a hostile\compromised website. You wouldn't have know it happened for a few days either, easily long enough for other non-obvious things to be buried on your system. Could it impact both ends? I won't say yes but it wouldn't surprise me in the least if it could be used in that fashion.Winnow wrote:So you're saying my home PC would need to be hacked and then the hacker would use the open pipe somehow to hack the business servers?
I'm more curious if this is an easy hack some high school kid can do or if we need Kevin Mitnick on the job for the hack.
It only takes one smart person to invent the hack, then you've got a legion of script kiddies implementing it.
"Life is what happens while you're making plans for later."
- noel
- Super Poster!
- Posts: 10003
- Joined: August 22, 2002, 1:34 am
- Gender: Male
- Location: Calabasas, CA
I do not have any real world examples that I can share with you.Winnow wrote:Degree of difficulty would matter quite a bit in this case. One of the IT guys at work recommended I use RDP when I was probing him for open ports while trying to get VNC up and running.noel wrote:You asked if it was possible. I understand the relevance of degree of difficulty, but the point is that it's possible.
I was just curious if you had any real world examples of RDP being hacked.
If your IT guy said do it, then have a great time. I'm not debating whether it's right or wrong. Degree of difficulty doesn't matter because it's not a question of whether it's easy or hard, it's a question of whether it's possible or impossible. It's possible.
Oh, my God; I care so little, I almost passed out.
I disagree. Degree of difficulty does matter. If it didn't matter, every employee would have to use one of the Get Smart cones of silence whenever they spoke as it's possible someone could overhear them otherwise.noel wrote:Degree of difficulty doesn't matter because it's not a question of whether it's easy or hard, it's a question of whether it's possible or impossible. It's possible.
- Aabidano
- Way too much time!
- Posts: 4861
- Joined: July 19, 2002, 2:23 pm
- Gender: Male
- Location: Florida
RDP isn't SSHv2 or IPSec using AES encryption, both of those approach impossible to break realtime when properly implemented. Same with SSL for that matter.Winnow wrote:I disagree. Degree of difficulty does matter.
RDP is a fast, lightweight protocol, not necessarily a secure one from the little I've read on it. Everyone I know that uses as part of a business tunnels it inside something else. If someone were to target you, they will get your data. If you've got the server running on a public network, I guarantee people have already identified it. Does it matter? Dunno but I wouldn't do it.
The attacks they talk about below would be doable on some cable plants I've seen, but wouldn't impact most DSL systems.
http://www.securiteam.com/windowsntfocu ... 0KG0G.html
"Life is what happens while you're making plans for later."
Even if your office has the RDP port open I wouldn't recommend running it directly. Tunneling is a must! Also a little easier to disguise due to not using port 3389. If you're going direct I'd recommend at least changing the port. This is easily accomplished in the registy.
(Also note I'm no security expert. Just going on a few things I read. Extra precaution is always a good thing.)
Note this stops Remote Assistance from working properly.To change the RDP operating port:
Use a registry editing tool to navigate to the following key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp
Insert or change a value with the following details:
Data Type:DWORD
Value Name:PortNumber
Value:The number of the port you wish the RDP service to operate on, e.g. 12345
Restart your computer for the changes to take effect.
Note: It is best to avoid any ports that are commonly used by other protocols.
(Also note I'm no security expert. Just going on a few things I read. Extra precaution is always a good thing.)
Have You Hugged An Iksar Today?
--
--