Unspoken Subject

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Sarb-Oxl.... Does anyone want to breech the unspoken subject and tell me how
I can block intrutions by an SMS Console to your Home PC???
I have tried every Firewall, and Software i can get my hands on. The biggest
problem comes from the first time I get on the I-Net, they access via just
about any
port they want. It goes through Firewall like paper. I have been told, that
it can us a Tunnel in a Tunnel on 80.. Dont really know. Once in , they take
over all privledges, and then that it. I re-load my lap-top twice a week, it
takes a while for all there stuff to load up via background x-fer.I put a
program on here once that did
verbose logging on all changes...Unbelievable...
I tried 4 different types of Linux.. Same thing...The only thing that really
slows them
down is Deep-Freeze. It takes a while to get around that one. Suggestions???
I'm not going to get into the legality on this, other than to say, if you
are an IS employee, have access from home via whatever.They can access THAT
PC, not all.
I have 2 broadband conns, 1 for work and 1 for home.. My Laptop is on my Home
system. Any brave soles out there wish to take this on.And jsut so you
know, I am the only
IS person in a company of about 8,000, that has found this little peice of
artwork. Because it is high tech, but its still run by Humans, which is where
they messed up with me.. You dont assume anything about anyone's ability.I
can hold my own, but I want a permanent solution. This ihas been going on for
5 Months, and it is a fight, to be sure. Understand if no-one wants to touch
this, thanks for looking. I do think that too much ability was given on
this.
 
HACKED-OUT said:
Sarb-Oxl.... Does anyone want to breech the unspoken subject and tell
me how I can block intrutions by an SMS Console to your Home PC???
I have tried every Firewall, and Software i can get my hands on. The
Click to expand...

(snip long strange rant)

It is time to call in outside tech support. I'm sure you think you are
the only "IS person in a company of about 8,000" but that is extremely
unlikely.

It is also extremely unlikely that any of what you think is happening to
you is really happening. An SMS Console cannot be installed on a Linux
box for instance.

On the very off-chance that you do have some security issue(s), this
will not be possible to solve in a Usenet newsgroup. Have a local
professional with security experience come on-site and take a look at
what is really going on.

Good luck,

Malke
 
And how does it get past a properly configured firewall?? Most likely you
are unknowingly letting it in somehow. A good firewall does not allow
traffic in that is not in response to traffic initiated by your computer.

Steve
 
HACKED-OUT said:
Sarb-Oxl.... Does anyone want to breech the unspoken subject and tell me
how I can block intrutions by an SMS Console to your Home PC???
I have tried every Firewall, and Software i can get my hands on. The
biggest
problem comes from the first time I get on the I-Net, they access via
just about any
port they want. It goes through Firewall like paper. I have been told,
that
it can us a Tunnel in a Tunnel on 80.. Dont really know. Once in , they
take over all privledges, and then that it. I re-load my lap-top twice a
week, it takes a while for all there stuff to load up via background
x-fer.I put a program on here once that did
verbose logging on all changes...Unbelievable...
I tried 4 different types of Linux.. Same thing...The only thing that
really slows them
down is Deep-Freeze. It takes a while to get around that one.
Suggestions??? I'm not going to get into the legality on this, other than
to say, if you are an IS employee, have access from home via whatever.They
can access THAT PC, not all.
I have 2 broadband conns, 1 for work and 1 for home.. My Laptop is on my
Home system. Any brave soles out there wish to take this on.And jsut so
you
know, I am the only
IS person in a company of about 8,000, that has found this little peice of
artwork. Because it is high tech, but its still run by Humans, which is
where they messed up with me.. You dont assume anything about anyone's
ability.I can hold my own, but I want a permanent solution. This ihas been
going on for 5 Months, and it is a fight, to be sure. Understand if no-one
wants to touch
this, thanks for looking. I do think that too much ability was given on
this.
Click to expand...


I am not familiar with SMS console as I am a Linux guy. I would guess what
is happening here is that your laptop/pc is "calling home" and that is how
it is getting through the firewall. In other words your company's PC is
using an outbound connection to your company. You probably are controlling
(firewalling) inbound only connections and not outgoing...

To block it is easy. Next time it happens look at your firewall and look for
connections going to your companies network...next look for the ports it is
using and block them (outgoing).

Good luck

Imhotep
 
imhotep said:
I am not familiar with SMS console as I am a Linux guy. I would guess
what is happening here is that your laptop/pc is "calling home" and
that is how it is getting through the firewall. In other words your
company's PC is using an outbound connection to your company. You
probably are controlling (firewalling) inbound only connections and
not outgoing...

To block it is easy. Next time it happens look at your firewall and
look for connections going to your companies network...next look for
the ports it is using and block them (outgoing).
Click to expand...

Of course - if this is a company computer he's talking about, and it's being
managed by his employer, then he probably shouldn't block it even if he can.

I didn't read it that way at all, I thought he was talking about being
hacked by strangers, somehow. But it's hard to tell.
 
HACKED-OUT said:
Sarb-Oxl.... Does anyone want to breech the unspoken subject and
tell me how I can block intrutions by an SMS Console to your Home
PC??? I have tried every Firewall, and Software i can get my hands on.
The biggest problem comes from the first time I get on the I-Net,
they access via just about any
port they want. It goes through Firewall like paper. I have been
told, that it can us a Tunnel in a Tunnel on 80.. Dont really
know. Once in , they take over all privledges, and then that it. I
re-load my lap-top twice a week, it takes a while for all there
stuff to load up via background x-fer.I put a program on here once
that did verbose logging on all changes...Unbelievable...
I tried 4 different types of Linux.. Same thing...The only thing
that really slows them
down is Deep-Freeze. It takes a while to get around that one.
Suggestions??? I'm not going to get into the legality on this,
other than to say, if you are an IS employee, have access from home
via whatever.They can access THAT PC, not all.
I have 2 broadband conns, 1 for work and 1 for home.. My Laptop is
on my Home system. Any brave soles out there wish to take this
on.And jsut so you know, I am the only
IS person in a company of about 8,000, that has found this little
peice of artwork. Because it is high tech, but its still run by
Humans, which is where they messed up with me.. You dont assume
anything about anyone's ability.I can hold my own, but I want a
permanent solution. This ihas been going on for 5 Months, and it is
a fight, to be sure. Understand if no-one wants to touch this,
thanks for looking. I do think that too much ability was given on
this.
Click to expand...
I am not familiar with SMS console as I am a Linux guy. I would
guess what is happening here is that your laptop/pc is "calling
home" and that is how it is getting through the firewall. In other
words your company's PC is using an outbound connection to your
company. You probably are controlling (firewalling) inbound only
connections and not outgoing...

To block it is easy. Next time it happens look at your firewall and
look for connections going to your companies network...next look
for the ports it is using and block them (outgoing).
Click to expand...

Robert said:
Of course - if this is a company computer he's talking about, and
it's being managed by his employer, then he probably shouldn't
block it even if he can.
I didn't read it that way at all, I thought he was talking about
being hacked by strangers, somehow. But it's hard to tell.
Click to expand...


He said that even Linux is being hacked that way... So...
I am doubtful of the entire story.

I think this op, if they are being truthful, has other trouble. Almost
sounds like someone local is playing games with them (local to their system)
if they are as "skilled" as they claim with the, "... I can hold my own ..."
comment. After all - if they believe SMS is rebuilding their computer from
scratch once they have formatted it and installed anything *at home* - much
less Linux - there is no need to question their ability - they have done a
fine job of providing proof thereof.
 
Shenan said:
He said that even Linux is being hacked that way... So...
I am doubtful of the entire story.

I think this op, if they are being truthful, has other trouble. Almost
sounds like someone local is playing games with them (local to their
system) if they are as "skilled" as they claim with the, "... I can hold
my own ..."
comment. After all - if they believe SMS is rebuilding their computer
from scratch once they have formatted it and installed anything *at home*
- much less Linux - there is no need to question their ability - they have
done a fine job of providing proof thereof.
Click to expand...


Perhaps, or none us understand what the h3ll this guys is asking...
 
I guess I need to clarify some things so you will understand better.
First, it is my PC, my License, I am refering to. No, I dont think something
is just rebuilding my PC's from the ground up and I also know I am not the
only
IS person. What is going on is at my home, on my private PC's, on a seperate
Broadband conn. As for how I find out how its done, is by reloading my PC 2
times a week, watch how its done, till I get all the peices. My rights are
taken
away on some areas and I have no control over that Service or function. How
it
gets installed is different depending on the situation. The most common is
by the
Updates... A pre-arranged template or list is used to ensure that all the
right software is installed on the first couple of updates. Very common to
ensure that
the Volume License Holder may need something added to their PC's that they
want
to make sure gets updated . What you get is all the right parts and a small
runonce
file and Ports are opened, your IP get sent to the right server and your on
your way
to a totally different PC...I set up logs and all kinds of stuff to show the
process.
I even have a Forenic Program that let me see what they are putting where.
The first thing that gets done is an image is made for situations that may
call for a
rapid FIX.... Hard to believe or denial is the first reaction from anyone
who works with IS....My point is that it can happen all kinds of ways, unless
you just shutoff
your PC I-Net Access.... There are forums out there that address this all
the time.
Is it right or wrong for a company to be able to do this on an Employes's
PC that has outside access. Doesnt matter, they have the legal right to do so
now. But, should they be allowed to access every PC on your Home Net to make
sure that your
teen age daughter is not dragging in Viruses or whatever. I have a private
and a
Company only Conn. I still get hacked on my home PC's. You ever seen a
RFBluetooth program? Picks up any instance of Bluetooth within range not
matter what its on. Cell Phone, Cordless Mouse, Keyboard... Open access's to
be used
to gain entry. What I was looking for was way to hold all authority to my
PC to on my account only. Can it be done? I can hold the Namespace Authority,
but cant hold the System or Net Authority accounts. I know its not supposed
to be done, but can it be done? The best protection for any PC that I have
found is Deep Freeze with No executables working together. About 50 dollars
for both. Nothing will execute that you dont authorize yourself and Deep
Freeze returns the PC to the same config that it was in when you put Deep
Freeze into FREEZE Mode. Again thanks for taking the time to read this..
Nothing stated in here is false, and I have all kinds
of Log files that show this to be honest. If you need to know the Why is
this being
done... Its because I didnt allow my Private PC's to be accessed.
According to the
Sarban-Ox risk factor Guide, that makes me a Security risk. I dont want to
take this
to any other Authority ... I am looking for a way just to do this without
causing problems. I you need more detailed info, I will be happy to provide
it.

Thank you again for even taking the time to read this.



HE WHO DARES WINS
 
HACKED-OUT said:
Sarb-Oxl.... Does anyone want to breech the unspoken subject and
tell me how I can block intrutions by an SMS Console to your Home
PC???
I have tried every Firewall, and Software i can get my hands on.
The biggest problem comes from the first time I get on the I-Net,
they access via just about any
port they want. It goes through Firewall like paper. I have been
told, that it can us a Tunnel in a Tunnel on 80.. Dont really
know. Once in , they take over all privledges, and then that it. I
re-load my lap-top twice a week, it takes a while for all there
stuff to load up via background x-fer.I put a program on here once
that did
verbose logging on all changes...Unbelievable...
I tried 4 different types of Linux.. Same thing...The only thing
that really slows them
down is Deep-Freeze. It takes a while to get around that one.
Suggestions??? I'm not going to get into the legality on this,
other than to say, if you
are an IS employee, have access from home via whatever.They can
access THAT PC, not all.
I have 2 broadband conns, 1 for work and 1 for home.. My Laptop
is on my Home system. Any brave soles out there wish to take this
on.And jsut so you
know, I am the only
IS person in a company of about 8,000, that has found this little
peice of artwork. Because it is high tech, but its still run by
Humans, which is where they messed up with me.. You dont assume
anything about anyone's ability.I can hold my own, but I want a
permanent solution. This ihas been going on for 5 Months, and it
is a fight, to be sure. Understand if no-one wants to touch this,
thanks for looking. I do think that too much ability was given on
this.
Click to expand...

HACKED-OUT said:
I guess I need to clarify some things so you will understand better.
Click to expand...

Clarity would be nice.
First, it is my PC, my License, I am refering to.
Click to expand...

Okay - not a company-owned machine. Clarity.
No, I dont think something is just rebuilding my PC's from the ground up
Click to expand...

Hmmmm.. really? You state you have tried 4 flavors of Linux and yet SMS
still takes over your machine. Assuming you mean "Systems Management
Server" and not "Short Messaging Service"... Well - that is a Microsoft
product and does not have any way to control a *nix machine.

http://www.microsoft.com/smserver/
and I also know I am not the only IS person.
Click to expand...

True.. You posted here - I expect you wanted help from other Information
Systems' people.
What is going on is at my home, on my private PC's, on a
seperate Broadband conn.
Click to expand...

Again - not your companies connection, computer or software...
As for how I find out how its done, is by reloading my PC 2 times
a week, watch how its done, till I get all the peices.
Click to expand...

As for how "what" is done? Reloading your PC would be initiated by you or
someone on your home private network you have clearly stated you have -
unless you have some permanent VPN tunnel that is allowing this to happen
through the Internet and any router/firewall devices you have.
My rights are taken away on some areas and I have no control
over that Service or function.
Click to expand...

Sounds like group policies - for sure - in Windows anyway. Do you install
some company VPN on your private machine to remote into your company
systems? If so - it is *possible* that they may gain some control in that
way.
How it gets installed is different depending on the situation. The most
common is by the Updates... A pre-arranged template or list is used to
ensure that all the right software is installed on the first couple of
updates.
Click to expand...

Done by whom?

Unless you connect somewhere and usually initiate this (by turning on
automatic updates - for Microsoft direct updates - or running a third party
application, etc..) this is being done by you or someone behind/within your
private network.
Very common to ensure that the Volume License Holder may need
something added to their PC's that they want to make sure gets
updated . What you get is all the right parts and a small runonce file
and Ports are opened, your IP get sent to the right server and
your on your way to a totally different PC...I set up logs and all kinds
of stuff to show the process. I even have a Forenic Program that let
me see what they are putting where. The first thing that gets done is
an image is made for situations that may call for a rapid FIX.... Hard
to believe or denial is the first reaction from anyone who works with IS
....My point is that it can happen all kinds of ways, unless you just
shutoff
your PC I-Net Access....
Click to expand...

What you describe has to be initiated by you and it would not cover all of
the operating system you have claimed to have installed on your system at
one point or another.
There are forums out there that address this all the time.
Is it right or wrong for a company to be able to do this on an
Employes's PC that has outside access.
Click to expand...

Is it right? Well - as you would have to give them not only permission to
do so (more than likely written) and then have to connect to their system
and run something of theirs to initiate it unwisely... Right or wrong
depends on what you decided to do about all that.
Doesnt matter, they have the legal right to do so now.
But, should they be allowed to access every PC
on your Home Net to make sure that your
teen age daughter is not dragging in Viruses or whatever.
Click to expand...

If you are connecting to my systems using your personal computer - your
rights will be greatly reduced as to what you will have access to do for the
very reason you suggest. And to find out what is being done on other
systems on your network - you HAD to install something from the company in
order to give them the rights to do so.
I have a private and a Company only Conn. I still get hacked on my
home PC's.
Click to expand...

That sounds like a weakness in your security - not some mystery.
You ever seen a RFBluetooth program? Picks up any instance of
Bluetooth within range not matter what its on. Cell Phone, Cordless
Mouse, Keyboard... Open access's to be used
to gain entry.
....

What I was looking for was way to hold all
authority to my PC to on my account only. Can it be done?
Click to expand...

Yes - do not install anything on it from your company - do not connect to
your company's stuff in any way from any of your privately owned systems if
it requires you to install third-party software you are not sure of. If you
do connect to your company servers in some way complaint with that - do it
as a LIMITED user on your computer - with no install rights.
I can hold the Namespace Authority, but cant hold the System or Net
Authority accounts. I know its not supposed to be done, but can it
be done? The best protection for any PC that I have found is Deep
Freeze with No executables working together. About 50 dollars for
both. Nothing will execute that you dont authorize yourself and
Deep Freeze returns the PC to the same config that it was in when
you put Deep Freeze into FREEZE Mode. Again thanks for taking the
time to read this.. Nothing stated in here is false, and I have all
kinds of Log files that show this to be honest.
Click to expand...

Good - put them on a web page - because as it is, this sounds like a troll.
If you need to know the Why is this being done... Its because I didnt
allow my Private PC's to be accessed.
According to the Sarban-Ox risk factor Guide, that makes me a
Security risk.
Click to expand...

Only if you decided to access company resources with said systems - you do
not have to do this.
I dont want to take this to any other Authority ... I am looking for a way
just to do this without causing problems. I you need more detailed info,
I will be happy to provide it.
Click to expand...

Do so - on a web page with these logs and such. Again - this doesn't sound
feasible at all.
Thank you again for even taking the time to read this.
Click to expand...

Yes - it is long.

Overall - if what you stated originally and in your repost is
happening/truthful - you are beyond your own skill level and beyond the
ability of anyone in a newsgroup to help you from here. You need someone
who can see/touch the systems in question to show you where your weaknesses
are and where the mistakes allowing this to happen to you are occurring...

What makes it difficult to believe is the lack of facts, logs, proof...
Also - the way in which it is presented reminds me of another poster on
these groups (Andrew E.) --> but I could be stretching it.

A calmer, more specific post would get better attention and have a higher
belief factor.
 
You are correct, it was poorly documented and does sound "Out There"....
I do have the logs, History of changes and all manner of proof.. I
specified SMS
Console because I am Microsoft person, It should have stated SMS like
abilities.
As for he Linux part, There I am weak. I did have that part looked at by
someone
who does know. As for the Windows part, it gets into legal issues that
cannot be
answered here. A very basic one is Even if your Company Supplies you with
a Pc
and you have a DSL or whatcver of your own that you use for this
connection, do they have the right to "Check all the PC's on that Home Net
for their Basic Security reasons, Virus Software Etc... How Far are they
allowed to go? Can they install
Auditing software on a Private Home System to ensure the protection of
their systems.. Questions like this are at the "Root", if you will
excuse my use of the term, of the problem.
I do thank you for your honesty in your answers, What I wrote left to
many holes
and questions for anyone to answer. I will say that I was correct about
what was
happening, just didnt give all the information I should have to get a
workable solution. Since my last post, I did have an evaluation done by
someone with more knowledge and ability to use the correct software to solve
my problem. More often that not, its the PERSON behind the monitors and
keyboards that are the problem... Not the Systems. I appriciate you taking
the time to answer a dubious sounding inquiry and how to correctly post a
problem for a solution.. I can hoestly say that if I had read the post, I
would have had the same reaction. It was poorly written and sounded "over the
edge" a bit...
 
Back
Top