Notices

My worst fear has come true!

Old 05-21-2010, 08:34 AM
  #21  
Senior MemberCaptains Club Member
 
Join Date: Feb 2002
Location: Saugus, Ma. USA
Posts: 11,139
Default

Websense is often set to stop most attempts at proxy avoidance, including remote access like logmein or proxies like covermyass. What I have seen work successfully is installing the Tor browser on the pc. It's slow, but it works.
jobowker is offline  
Old 05-21-2010, 09:21 AM
  #22  
Senior MemberCaptains Club Member
THT sponsor
 
Schmaltz~Herring's Avatar
 
Join Date: May 2002
Location: Cruising Lake Titikacka On My 18' Bayliner Element With 60 HP Optimax's
Posts: 17,344
Default

Mr. Gubermint Emploee:


They still let you browse XXXX sites so stop your whining!
Schmaltz~Herring is offline  
Old 05-21-2010, 11:16 AM
  #23  
Admirals Club Admiral's Club Member
 
Join Date: Mar 2007
Location: South of Pennsyltucky
Posts: 9,496
Default

Originally Posted by 08087 View Post
Mike,

No offense taken in the least, I agree with you 100%. My problem is where I work we often have to pull 16 hr. shifts and at times it can be hard to keep up with a home life, pay bills communicate with realtor, lawyer accountant etc when you have to do unexpected O/T 3 days in a row.
What kind of work do you do? Just curious, because of the 16 hour shifts.
Hollywood9s is online now  
Old 05-21-2010, 12:02 PM
  #24  
Senior Member Admiral's Club Member
 
vertigo's Avatar
 
Join Date: Sep 2009
Location: Ms, Gulf Coast
Posts: 5,944
Default

Originally Posted by Schmaltz~Herring View Post
Mr. Gubermint Emploee:


They still let you browse XXXX sites so stop your whining!
That was uncalled for..
vertigo is offline  
Old 05-21-2010, 02:18 PM
  #25  
Joe
Senior MemberCaptains Club Member
 
Join Date: Mar 2001
Location: Mt Pleasant, SC
Posts: 16,100
Default

Originally Posted by wildgeechi View Post
Dangerous.... setup ssh tunnel from home instead
meh..not dangerous at all. Just slow.

I RDP'd into my server at home and surfed through it since 'late 02 until sometime lat last year. Never had a problem with it. Open up port 3389 on your firewall and ACL it to your work IP address.
Joe is offline  
Old 05-21-2010, 02:20 PM
  #26  
Joe
Senior MemberCaptains Club Member
 
Join Date: Mar 2001
Location: Mt Pleasant, SC
Posts: 16,100
Default

Originally Posted by jobowker View Post
Websense is often set to stop most attempts at proxy avoidance, including remote access like logmein or proxies like covermyass. What I have seen work successfully is installing the Tor browser on the pc. It's slow, but it works.
You're still going through a gateway. And if it's the gubmint, chances are they aren't just montoring the proxy.
Joe is offline  
Old 05-21-2010, 04:34 PM
  #27  
Admirals Club Admiral's Club Member
 
Join Date: Apr 2009
Location: Florida
Posts: 16,785
Default

Why do you think RDP is dangerous?
OldPete is offline  
Old 05-21-2010, 08:11 PM
  #28  
Senior Member
Thread Starter
 
Join Date: Nov 2005
Posts: 10,223
Default

Lets see if I can answer a few questions. I work for a by-state agency railroad, and am underground (Tunnels and such) so a wi/fi setup on a laptop won't work. The reason for the 16 hr. tours is an item called "needs of service" if they deem they need you, you are stuck. It's hard to run a life with aging parents and a newborn at home but it pays well and I knew what I signed up for when I took the job.

I tried today to log onto "LOGMEIN.COM" and it is blocked also.

Like I said during a lunch break it's nice to go to a terminal and see what's going on here at "THT" check my accounts, look at e-mails etc. Working in tunnels also means I am not surfing the web on the company’s dime. I might if I had the opportunity once in awhile but it does not happen.

A few of you mentioned things I know nothing about, if you could really break it down in layman’s terms that may help me, if not thanks for the efforts anyway.

When I try logging on I get the message: "This web site has been blocked by the system administrator. To gain access contact your administrator."

I don't think I want to be doing that even though I'm not abusing things the company will have another opinion (I'd bet).

And I've never heard of quadruple X sites before, I thought they only went up to triple X. And I'd say for certain they are blocked also.

Thanks to all and again if anyone has a solution I'll give it a shot.
08087 is offline  
Old 05-24-2010, 12:43 PM
  #29  
Admirals Club Admiral's Club Member
 
Join Date: Apr 2009
Location: Florida
Posts: 16,785
Default

One more time: Why do you think RDP is dangerous?
OldPete is offline  
Old 05-25-2010, 07:43 AM
  #30  
Senior Member
 
Join Date: May 2006
Location: Suffolk, Va.
Posts: 17,064
Default

Originally Posted by 08087 View Post
Mike,

No offense taken in the least, I agree with you 100%. My problem is where I work we often have to pull 16 hr. shifts and at times it can be hard to keep up with a home life, pay bills communicate with realtor, lawyer accountant etc when you have to do unexpected O/T 3 days in a row.

I like to log on during my lunch break as a way to unwind after checking on how the day went at home and so on.

So no offense.
We can do all of that here.
fishingfun is offline  
Old 05-25-2010, 07:59 AM
  #31  
Senior MemberCaptains Club Member
 
Join Date: Jun 2003
Location: East Central Florida
Posts: 7,299
Default

Originally Posted by OldPete View Post
One more time: Why do you think RDP is dangerous?
http://www.grc.com/port_3389.htm
Seacat FL is offline  
Old 05-25-2010, 09:00 AM
  #32  
Senior Member
 
Join Date: Jul 2009
Location: Elizabeth City NC
Posts: 9,490
Default

I work 16 sometimes 18 a day but I feel sorry for you guys sitting at a desk for that long. Least mine is outdoor physical work then ride time with xm and air card internet.
You might think this is funny but from someone that does 80+ hours a week, I don't see how you guys do it in a office.
Air card might be your best bet but you know you have to have your own laptop.
If you have a good job and your employer does not want you bouncing on THT and other personal sights is it really worth the risk?
If your in like Flinn with the boss then you might get by but most of the companys now want to get rid of the older employees and hire part time. Just make sure your risk is worth it to you.
Air card runs me about 50 a month on top of my regular phone bill. Buy it off e bay and that way if you do get caught and have to stop you won't have to keep the contract going for two years. You buy anything through the cell phone companys your locked in for the duration.
Good luck.
liveaboard74 is offline  
Old 05-25-2010, 09:27 AM
  #33  
Joe
Senior MemberCaptains Club Member
 
Join Date: Mar 2001
Location: Mt Pleasant, SC
Posts: 16,100
Default

Originally Posted by Seacat FL View Post
That's really no diffferent than any remote control port.

As stated..get a router firewall, open up 3389 TCP, and then place an ACL only to your work firewall IP address.

Or you could change from the standard 3389 to something random:

http://support.microsoft.com/kb/306759

but you still open the box up for brute force attacks if it's on the dirty side of the internet.
Joe is offline  
Old 05-25-2010, 10:30 AM
  #34  
Admirals Club Admiral's Club Member
 
Join Date: Apr 2009
Location: Florida
Posts: 16,785
Default

Originally Posted by Joe View Post
That's really no diffferent than any remote control port.

As stated..get a router firewall, open up 3389 TCP, and then place an ACL only to your work firewall IP address.

Or you could change from the standard 3389 to something random:

http://support.microsoft.com/kb/306759

but you still open the box up for brute force attacks if it's on the dirty side of the internet.
Explain what that link means about buffers and such... if they can't guess the username/password, what can they still do?
OldPete is offline  
Old 05-25-2010, 12:50 PM
  #35  
Joe
Senior MemberCaptains Club Member
 
Join Date: Mar 2001
Location: Mt Pleasant, SC
Posts: 16,100
Default

Originally Posted by OldPete View Post
Explain what that link means about buffers and such... if they can't guess the username/password, what can they still do?
You mean Seacat's link? I pulled the link for the "fix" to a buffer overflow (sometimes referred to as an unchecked buffer) from M$:

http://support.microsoft.com/kb/815021

A security vulnerability exists in a Windows component that is used by WebDAV. This vulnerability occurs because the component contains an unchecked buffer.

An attacker may exploit the vulnerability by sending a specially formed HTTP request to a computer running Microsoft Internet Information Services (IIS). The request may cause the server to fail or to run code of the attacker's choice. The code would run in the security context of the IIS service. (By default, the IIS service runs in the LocalSystem context).

Basically, an experienced hacker can get into your IIS service, and send an exploit that will run as part of your IIS service. Once they can do that, they essentially have control of your server. This isn't as easy as guessing someone's password, and it takes more than "script kiddy" ability to do it.

And I guess it could happen...but I've had secured, protected Windows sever boxes running on the dirty side of the internet for years, and the most damage that ever happened to them was caused by me clicking on a link or downloading infected advertisements from websites. I killed them..not someone else. And if you are behind a NAT router/firewall with decent anti virus pretection, you're doing about as good as can be expected.
Joe is offline  

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Thread Tools
Search this Thread