hiding ip


Boom

I'm on a Windows 2000 network using Active Directory. Our network admin has
some product that sniffs the network and finds PCs which don't have the
latest service packs, Windows updates, etc...
Is there a way to hide a computer on the network so this sniffer can't
detect it? Is there software, or can I program something that could perhaps
give off a "false IP address" when I'm on the internal network?
Using a router isn't an option.

My network person said there wasn't anything made or anything I could do so
he couldn't find my machine. I'd love to prove him wrong.

thanks.
 
Boom said:
I'm on a Windows 2000 network using Active Directory. Our network admin has
some product that sniffs the network and finds PCs which don't have the
latest service packs, Windows updates, etc...
Is there a way to hide a computer on the network so this sniffer can't

Why do you want to do this? You want to deliberately use a computer
that doesn't meet company standards?
detect it? Is there software, or can I program something that could perhaps
give off a "false IP address" when I'm on the internal network?
Using a router isn't an option.

I don't think so. In order for your computer to work with servers, they
have to know the IP to send the replies to. So if the PC sends packets
with a false IP address, the replies won't get back to it.
 
There are no ill intentions, I just don't like being told something can't be
done when it comes to computers.
So I'm doing some research to see if I can prove him wrong.

appreciate the info.

thanks.
 
There are tools, mostly in the "*nix" world, that will spoof a MAC address or
reply (when an ARP request is made) with a phony MAC address. You can
probably configure it only to do that for replies from specific hosts. If you
have local WINS/DNS, it won't work unless you use something like ettercap as
a man-in-the-middle. It wouldn't be easy in any case and you're treading on
thin ice here. I'd be in fear of being fired for putting bona fide hacker
tools inside my company's network.

....kurt

Boom said:
There are no ill intentions, I just don't like being told something can't
be done when it comes to computers.
So I'm doing some research to see if I can prove him wrong.

appreciate the info.

thanks.
 
I think the best you could do is to get a firewall and put it in
stealth mode. In stealth mode unsolicited queries sent to your
machine are just ignored. It's as if your computer didn't exist. If
your computer initiates an outbound connection, then replies will be
able to get to it, otherwise things just don't get in.

If your network admin suspects you are doing this, all he has to do is
monitor the server logs. Since your machine is connected to the
network every time it sends out a request, it goes across servers that
the network admin controls. He may not be able to use his tool to see
if your computer is compliant with company policies, but he can still
see it's connected if traffic is coming from it.

I read this request as "I want to use my personal computer at work,
and don't want to get caught doing it."

 
Boom said:
I'm on a Windows 2000 network using Active Directory. Our network admin has
some product that sniffs the network and finds PCs which don't have the
latest service packs, Windows updates, etc...
Is there a way to hide a computer on the network so this sniffer can't
detect it? Is there software, or can I program something that could perhaps
give off a "false IP address" when I'm on the internal network?
Using a router isn't an option.

My network person said there wasn't anything made or anything I could do so
he couldn't find my machine. I'd love to prove him wrong.

You can put your computer behind a router and use NAT. My 'daytime' job forbids
non-authorized routers for just this reason....

However, he may still be able to ID the router and know there are one or more
computers behind it. And he could use a network monitor to confirm traffic
coming from behind the router.
 
M.Waters said:
I think the best you could do is to get a firewall and put it in
stealth mode. In stealth mode unsolicited queries sent to your
machine are just ignored. It's as if your computer didn't exist. If
your computer initiates an outbound connection, then replies will be
able to get to it, otherwise things just don't get in.

If your network admin suspects you are doing this, all he has to do is
monitor the server logs. Since your machine is connected to the
network every time it sends out a request, it goes across servers that
the network admin controls. He may not be able to use his tool to see
if your computer is compliant with company policies, but he can still
see it's connected if traffic is coming from it.

I read this request as "I want to use my personal computer at work,
and don't want to get caught doing it."

Except that real stealth mode does not exist.

For that machine to be able to get the return packets of its connections,
it needs to answer the ARP question. So on the same LAN one needs to
just ask for the IP address -> Ethernet address translation via ARP. That
will tell that the machine exists.

And if the machine is on another LAN, you need to just ping
it. If the machine does not exist (i.e. it does not answer the ARP question),
the router will answer that it is not able to route the packet
to it. If there is no answer, the machine exists (i.e. the
router has found an Ethernet address for it.)


/ Kari Hurtta
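
An added example, not part of the original post: the admin-side check the post above describes, where a host that ignores ping but still has an ARP entry is flagged as present. It assumes Windows `arp -a` output captured after probing the subnet; the addresses, the ping result set, the inventory and the function names are all constructed for illustration.

```python
import re

# Constructed sample: Windows `arp -a` output taken after probing the subnet.
ARP_OUTPUT = """\
Interface: 10.0.0.5 --- 0x2
  Internet Address      Physical Address      Type
  10.0.0.1              00-50-56-aa-00-01     dynamic
  10.0.0.21             00-50-56-aa-00-15     dynamic
  10.0.0.37             00-50-56-aa-00-25     dynamic
  10.0.0.255            ff-ff-ff-ff-ff-ff     static
"""
# Constructed: hosts that answered an ICMP echo, and the admin's MAC inventory.
PING_REPLIED = {"10.0.0.1", "10.0.0.21"}
INVENTORY = {"00-50-56-aa-00-01": "gateway", "00-50-56-aa-00-15": "ws-021"}

ROW = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-f]{2}-){5}[0-9a-f]{2})\s+\w+\s*$",
    re.IGNORECASE,
)

def parse_arp(text):
    """Return {ip: mac} for unicast entries in `arp -a` output."""
    hosts = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # interface banner, column header, blank line
        ip, mac = m.group(1), m.group(2).lower()
        if mac == "ff-ff-ff-ff-ff-ff" or mac.startswith("01-00-5e"):
            continue  # broadcast / IPv4 multicast mappings are not hosts
        hosts[ip] = mac
    return hosts

def find_hidden(arp_hosts, ping_replied, inventory):
    """Flag hosts that resolved via ARP but are silent to ping or not inventoried."""
    findings = []
    for ip, mac in sorted(arp_hosts.items()):
        flags = []
        if ip not in ping_replied:
            flags.append("no-ping-reply")
        if mac not in inventory:
            flags.append("unknown-mac")
        if flags:
            findings.append((ip, mac, flags))
    return findings

if __name__ == "__main__":
    for ip, mac, flags in find_hidden(parse_arp(ARP_OUTPUT), PING_REPLIED, INVENTORY):
        print(ip, mac, ",".join(flags))
```

This covers the same-LAN case only; for a host on another LAN the ARP entry lives on that segment's router, as the second half of the post notes.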
 
Phil Frisbie said:
You can put your computer behind a router and use NAT. My 'daytime' job
forbids non-authorized routers for just this reason....

The OP specifically said "using a router isn't an option".
 

You probably could use something like the free ZoneAlarm to put
the computer in the stealth mode for incoming requests. Bear in
mind that the IT guy can monitor all network traffic including
anything coming/going from your computer to the network. For
security and liability reasons, most companies now have a standard
policy of forbidding "non business related use" of their
computers and forbid loading "non approved" software on any of
their computers. The disciplinary actions for these infractions
usually include "...up to and including termination and criminal
prosecution". Your IT guy could be baiting you into getting
yourself fired. Beware of the clever geeks! ;-)
 