Kurt Telep on Tue, 26 Oct 1999 22:42:21 -0400 (EDT)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [Plug] telnetting around a firewall - non-technical considerations 

Also, from experience working in the school district that I think that 
you are talking about. All communications through the proxy ARE logged, 
and teh logs are checked.  Yes, technically it is feasable to get through 
the proxy (I've done it) however, since you are connecting to your box at 
home,  it's simply a matter of finding out who owns the IP you connected 
to.  

Also, from working for an ISP  it is possible to find out who had a 
specific IP at a specific time, unless of course you have a static....

Overall, this is just a bad idea.  And probably way too much trouble than 
it's worth.

On Tue, 26 Oct 1999, Michael W. Ryan wrote:

> Just to place things in perspective:  I'm a former high school teacher and
> I'm currently the technical lead for a technical education facility (and
> I've been involved in the decision to implement a proxy server on our
> classrooms).
> 
> I'm addressing this because I really have a problem with the attitude
> expressed here, and I really don't like PLUG being used as a resource for
> it.
> 
> On Tue, 26 Oct 1999, Nick R wrote:
> 
> > First, there's no rule that you can't telnet out. It's just been disabled at 
> > the proxy level.
> 
> With MS Proxy, if you want to allow telnet, you can.  This does require a
> bit of software on the client system, but it's very much possible.  If
> it's disabled, they don't want you doing it.
> 
> > Second, no, they're just idiots. I'm in the loop here and they're paranoid 
> > idiots i.e. they're trying to make a kiosk part of which involves a map of 
> > the school through which information can be accessed. Aside from the general 
> > Badness of such a proposition, they are holding on it for now because of the 
> > fear that somebody will perform a Columbine with the aid of said map. 
> > Overlooked of course is the fact that the blue prints to the school are 
> > publicly available to all and there is a map given to each student in the 
> > form of an agenda book.
> 
> Given some of the press flying around, I can see some paranoia.
> 
> Now you seem to think that they're making a decision based on uniformed
> paranoia.  Instead of just saying "screw you, I'm going to do it anyway",
> doesn't it make more sense to try to inform them, rationally with
> something other than just your (supposed) opinion?  Hacking around their
> firewall will do nothing more than vindicate their paranoia, and possibly
> convince them that being connected at all is a bad idea.
> 
> And as far as information availability goes, there's a matter of ease of
> access and visibility.  You should try to be a bit more open-minded.  Not
> everyone is familiar and comfortable with the Internet and computers.  It
> is human nature to fear that which we are not familiar with.
> 
> > Third, bah! They'd never figure it out and if they did, they'd just tell me 
> > not to do it again. I've gotten that for an actual offence that put them 
> > into a legally questionable position which I won't get into right now. For 
> > something as simple as telnetting out into my box at home they won't do 
> > anything.
> 
> You know, you're asking for trouble on this.  I'm the most easy-going
> person.  When I was teaching high school, a student would typically get
> off with a reasonably sincere apology.  All bets are off, though, if the
> student, even one of my good ones, did something because they knew they
> could get away with it.  I would then make a specific point of nailing
> them to the wall, publicly if need be.
> 
> Hey, if you want to hack your school's firewall, just to spite them, fine.
> Suit yourself.  But I'd really rather not see PLUG used as a means of
> helping you do that.
> 
> Michael W. Ryan, MCP, MCT     | OTAKON 1999
> mryan@netaxs.com              | Convention of Otaku Generation
> http://www.netaxs.com/~mryan/ | http://www.otakon.com/
> 
> PGP fingerprint: 7B E5 75 7F 24 EE 19 35  A5 DF C3 45 27 B5 DB DF
> PGP public key available by fingering mryan@unix.netaxs.com (use -l opt)
> 
> 
> _______________________________________________
> Plug maillist  -  Plug@lists.nothinbut.net
> http://lists.nothinbut.net/mail/listinfo/plug
> 

_______________________________________________
Plug maillist  -  Plug@lists.nothinbut.net
http://lists.nothinbut.net/mail/listinfo/plug