[Gllug] Can I get this to work?

Bruce Richardson itsbruce at uklinux.net
Sun Jan 18 01:42:30 UTC 2004 

On Sat, Jan 17, 2004 at 04:08:50PM +0000, Adrian wrote:
> It's IE 5.5 with all those settings locked down (ie not accessible to the 
> user) - so it's guess at in terms of what my logs show.

Does it also hide the relevant section of the registry?  If so, then one
thing you could do is 

1.  Get a linux box with two network cards
2.  Set up the linux box to be a bridging firewall
(http://sourceforge.net/projects/ebtables/ or
http://bridge.sourceforge.net/).
3.  Remove your workstation's cable from the network socket in the wall
and plug it into the linux box and put in another cable linking the
linux box to the wall socket.

You are now in a position to examine all the traffic between your
workstation and the network.

> > Note: you have to consider how much information you want to give about
> > the network in your workplace.  If your employers discover that you are
> > handing out inside information about the network structure (and with the
> > aim of subverting it) then they may consider that a sackable offence.
> 
> 
> I understand that, obviously. But my employers are not responsible for the 
> firewall and I'm not trying to wreck or damage anything, just read my emails.

Not all employers are that sympathetic on this point.  They may take the
view that you should be reading your work email.  Besides, if you
succeed in using ssh to connect outwards, you have also created a
possible route in (even if you choose not to use it), since you could
then forward local ports out.  One trick is to forward the local ssh
port to the remote computer, which then makes it possible, from the
remote end, to use ssh to set up arbitrary connections between the
remote lan and the supposedly protected one.  This is the kind of thing
that the network admins who created the firewall want to prevent, I
presume.

-- 
Bruce

I see a mouse.  Where?  There, on the stair.  And its clumsy wooden
footwear makes it easy to trap and kill.  -- Harry Hill
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: Digital signature
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20040118/58066273/attachment.pgp>
-------------- next part --------------
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug

More information about the GLLUG mailing list